From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-114774-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1OuWuT-0002NH-7Y
	for garchives@archives.gentoo.org; Sat, 11 Sep 2010 20:42:53 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 17CFDE0B12;
	Sat, 11 Sep 2010 20:42:51 +0000 (UTC)
Received: from dcnode-01.unlimitedmail.net (smtp.unlimitedmail.net [94.127.184.242])
	by pigeon.gentoo.org (Postfix) with ESMTP id B4788E0B12
	for <gentoo-user@lists.gentoo.org>; Sat, 11 Sep 2010 20:42:50 +0000 (UTC)
Received: from scooter.muppet.show (hex.aaisp.net.uk [90.155.53.9] (may be forged))
	(authenticated bits=0)
	by dcnode-01.unlimitedmail.net (8.14.3/8.14.3) with ESMTP id o8BKgXX5009680
	for <gentoo-user@lists.gentoo.org>; Sat, 11 Sep 2010 22:42:34 +0200
Date: Sat, 11 Sep 2010 21:28:13 +0100
From: Etaoin Shrdlu <shrdlu@unlimitedmail.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] sudo in kernel config ?
Message-ID: <20100911212813.3757106d@scooter.muppet.show>
In-Reply-To: <4C8BE82E.6020500@gmail.com>
References: <201009111024.31634.stephane@22decembre.eu>
	<1284198419.2992.20.camel@paska>
	<201009112218.05042.alan.mckinnon@gmail.com>
	<4C8BE82E.6020500@gmail.com>
X-Mailer: Claws Mail 3.7.6 (GTK+ 2.20.1; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-SOLTECSIS-MailScanner-ID: o8BKgXX5009680
X-SOLTECSIS-MailScanner-From: shrdlu@unlimitedmail.org
X-Spam-Status: No
X-Archives-Salt: 169374c7-9b24-4525-acf8-f17b1dfc9a81
X-Archives-Hash: da558661ca88aba05cb2419e7ca86e4c

On Sat, 11 Sep 2010 15:35:58 -0500 Dale <rdalek1967@gmail.com> wrote:

> If they are accessible by a user, couldn't a user then edit or add 
> something that would then cause a security problem?  If they can edit 
> them and no one know it, then root comes along and builds a shiney new 
> kernel with a really nice security hole.

This was actually a potential risk once upon a time:

http://attrition.org/security/advisory/gobbles/GOBBLES-16.txt