RE: Document Centricity in GNOME [LONG]
- From: famrom idecnet com (Guillermo S. Romero / Familia Romero)
- To: gnome-gui-list gnome org
- Subject: RE: Document Centricity in GNOME [LONG]
- Date: Fri, 12 May 2000 01:57:17 +0200
>At this point, how vulnerable to malicious attacks/virus/trojan horses are
>Unix-like OSes? In other words, is there a program that when run, can do
>substancial damage?
If you run as root, a lot. If as normal, user only, what user could do...
which drives us to a nice tactic that I use (and everybody should use when
you can add accounts freely): create a dummy account, with zero permissions
(do not add it to other user groups and such, just a default user, copying
all you need, so you can write, but only read others files, if at all) and
use it as cannon fodder. The most you will lose will be .bash_history and
other unusefull files (you can copy from others, no?).
Maybe the open safely should be in that line, it is the perfect sandbox (I
must insist that the account must be one that can not write others files,
sudo or other privileged things, the most read files). su to dummy user,
place some boby traps (baits) and lets run. Oooh! Bait files changed, dummy
user has problems! File is a virus, kill it! Wait... keep a copy under a
secured way, lets say ROT13 but in a binary kind, and mark it as virus, so
user can delete it or send to debugger friend.
Find a way to do all that in a nice way with GUI and you are done (CLI is
just some cmds like "xhost +local:" "/bin/su - dummy" "export DISPLAY=:#"
"run file" wait).
chroot is also a thing we should study. I think we need an Unix guru here,
he could point us to real solutions, using normal Unix tools. Never tought
that Unix could do so many things, did you?
GSR
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
