[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

risks of using net apps as a user in wheel or adm?

This is a more general question to an issue that came up in another

Not to single out Iceweasel but, for example, IIUC, javascript and
flashplayer end up running someone else's code on your computer as you.  

What are the security implications of this?  What could a malicious
flash or piece of javascript really do you files in your home directory?

What are the security implications of this if you are also a member of
group wheel, adm, or staff?

As for my home directory, of course it has security-sensitve info:
health info, passwords, and other private documents.

Should I have a separate user setup for just running a javascript- and
flash-enabled web browser?

I know that any software can have bugs, but I think that software that
has to keep up with features to be useable (e.g. a browser) is more
likely to be at risk of unknown exploits than more feature-stable
net-apps such as mutt, exim, ftp, or rsync.


Reply to: