[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Dedicated admin account (was Re: Debians security features in comparison to Ubuntu)

On Sun, 18 May 2014 01:36:44 +0900
Joel Rees <joel.rees@gmail.com> wrote:

> >> There are more reasons than the X11 hole to refrain from using your
> >> admin user to surf the web.
> >
> > Just out of curiosity, what are these reasons?
> Your browser and any plugins, addons, etc. that it loads, including
> java, flash, java/ecmascript, and, well, any scripting language the
> browser can be running, for starters.
> Shoot, if my memory serves me, I seem to remember a class of
> vulnerabilities that has never really been answered, involving pushing
> keyboard loggers into the keyboard controller itself.
> >> If you are worried about needing to find answers to admin problems by
> >> searching the web, lynx helps somewhat. But I still restrict the
> >> places I visit with lynx while running as an admin to my search engine
> >> site, certain subdomains of debian.org, and such.
> >
> > I'm not only worried about my admin account.
> > This is still a big security-hole for non-admins.
> The web is not safe. If you do internet banking, at least make a
> separate, dedicated account for that, too. And if you go places where
> maybe you should not let you go, re-think your reasons for going.

So basically I would need one account for surfing, one for
online-banking, ssh(-agent) and other important stuff and an
admin-account. Some accounts I missed?

I know that's not gonna help, but I fell like there should be a better
way to isolate processes.

PS: Please don't CC me


Attachment: signature.asc
Description: PGP signature

Reply to: