Re: Bugs in Browsers: Mozilla & Co. vs. Exploder
Dear sean, nate, Colin, Jamin,
thanks for your replies. Even not appreciated in a mailing list of
puritans, I reply to all emails by sending one only -- I assume the
Debian mailing list is not a list of mailing list-puritans since many
full-quoting-top-posters are seen ,-).
* sean finney <seanius@seanius.net> [2002-12-13 02:13]:
In fact, I do not care about the root account -- except that I try to
keep it as secure as possible. What is important to me are all my
files including work results etc. They are backed up regularly on two
different locations -- but at least one of them can be easily deleted:
if a mallicious program would get my user account, by ssh-ing to other
locations no password would be required there (as do probably many
users with their cvs repositories). However, the data there is
backuped too ,-).
The problem was not an "rm -rf /home/ruf". Much worse was the slight
change of single bits and bytes, undiscovered over at lest three
months; after this period, all backups were thrown away...
su lukas -c /usr/bin/mozilla
If this was running, I would solve my "problem" /* as written before,
on my laptop only I myself is working there. */
* nate <debian-user@aphroland.org> [2002-12-13 02:16]:
>
> sounds like an interesting idea though. I would think if someone is
> that paranoid about security they could just use another account
> entirely(or another system) for web browsing. Perhaps something
> like VNC, or ssh to another system and tunnel mozilla, or use
> multiple local X servers.
>
I set up on my laptop a different user account. As I am used to start
for example ethereal with su -c ethereal, I tried to start mozilla.
However, nothing happens.
* Colin Watson <cjwatson@debian.org> [2002-12-13 02:27]:
>
> bugzilla.mozilla.org lists plenty ...
>
uups, was not aware of that.
>
> No! nobody.nogroup should *never* own any files, ever, ever. It's
> correct that Mozilla runs as your user id.
>
Well, I know that's correct that Mozilla runs as me. But I would like
to avoid that.
>
> It sounds like you want SE Linux, really ... googling for "SE Linux" or
> "SE Linux Debian" should help. Much of its development is happening on
> Debian. As I understand it, at the moment you'll need to be fairly
> proficient to get it running well.
>
Thanks for the hint, I'll try!
> Alternatively, if you're just worried about losing vital personal files,
> you might want to consider storing them in a revision control system
> (or, of course, keeping good backups).
>
see above.
* Jamin W. Collins <jcollins@asgardsrealm.net> [2002-12-13 02:46]:
> On Thu, Dec 12, 2002 at 11:57:22PM +0100, Lukas Ruf wrote:
>
>
> Additionally, Linux is frequently installed on multi-user systems,
> thus the central cache and download location would be a hassle.
>
Well, I am aware of that -- however, it's not what concerns me on my
laptop ,-)
wbr,
Lukas
--
Lukas Ruf
http://www.lpr.ch
Wanna know anything about raw ip?
Join rawip@rawip.org on http://www.rawip.org
Reply to: