On Sun, Mar 02, 2008 at 08:16:16PM -0500, Douglas A. Tutty wrote: > On Sun, Mar 02, 2008 at 05:01:06PM -0800, Andrew Sackville-West wrote: > > On Sun, Mar 02, 2008 at 04:32:26PM -0800, David Fox wrote: > > > On 3/2/08, Andrew Sackville-West <andrew@farwestbilliards.com> wrote: > > > Anyway, that's the whole point of an exploit -- providing some > > _thing_, data or code, that causes a privilege escalation. It doesn't > > have to be a helper running as root, just a helper that can be > > exploited in some manner to get a root escalation. At least that's > > what I understand. > > Do the standard virus checkers (is it ClamAV?) find such problems before > an exploit in mutt/helper is found or fixed? don't know. > > I never read email from X, always from a VT (or a vt520). If something > comes in from someone I don't know and it contains an image, I delete > it; if it contains html, I read it myself and if I'm really curious I'll > open it with lynx when disconnected from the internet (I'm on dialup). > Any other attachements from people I don't know get deleted too. If I > get an unknown attachement from someone I do know, I'll send them a note > saying "what is this?". > > I never read mail as root, it all gets redirected to me, dtutty. OTOH, > dtutty is in lots of groups: ssh, adm, staff so something nasty could do > some harm. Note that for surfing the net with javascript or flash, I > use the user dtbrowser which is in no special groups and has nothing > secret in /home/dtbrowser. > based on the above, I think you've not a thing to worry about. But I'm no expert at all. All my previous statements are hearsay at best. A
Attachment:
signature.asc
Description: Digital signature