Money Luser – WindowsTechs.com

Do the path based rules of AppArmor allow an attacker to bypass with a hardlink?

Posted on November 8, 2022 by Money Luser

I remember reading something along these lines back when AppArmor was first released but now I cannot remember the details.
Assuming a system with a single filesystem, if an attacker can manage to create a hard link from within an accessib… Continue reading Do the path based rules of AppArmor allow an attacker to bypass with a hardlink?→

seems like a wide gaping hole in the process for checking integrity of e.g. linux distro releases

Posted on July 28, 2020 by Money Luser

Many linux distributions recommend using downloaded signing keys to verify the integrity of downloaded checksums. This seems utterly ridiculous to me, since the downloaded keys are just as suspect as the downloaded checksums. And checking … Continue reading seems like a wide gaping hole in the process for checking integrity of e.g. linux distro releases→