[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Desktop Environment

I would believe that it will heavily depend on how you configure your desktop environment: * One feature I do always turn off is desktop auto indexing because otherwise even storing an email attachement just for invoking it with an online view-as-jpeg service could cause an infection. Note that you may have to do this twice (once for Gnome and once for KDE) if you have installed according programs of both environments. * select starting a new session on every bootup (the session restoration can be used as a hook for ephemeral and home directory rootkits) * under KDE there is a list of background services that always run; you may reduce it to what you really need (invokable via systemsettings)
* likely there are other important configuration options (ask for your env.)
* get some understanding of what your X-server does (f.i. http://www.elstel.org/xchroot : problems with a pure chroot, trying to resolve these problems by hand)
* double check the security of the underlying system (netstat -atupn)
* note that your email program and your browser are the two most vulnerable parts of your desktop environment; consider running them under qemu in a virtual machine

Once you would comply with all these hints you may likely discover a rootkit inside the virtual machine for emailing or browsing as I did lately. The KDE environment of the host system did not appear to have compromised the security of the whole system so far at me.


On 27.10.2015 12:29, Mateusz Kozłowski wrote:
Could You tell me which debian desktop environment is the most security and the best privacy and which You recommned for debian users? (KDE, XFCE, GNOME etc.)?

Reply to: