Re: Filezilla a security risk

To: debian-user@lists.debian.org
Subject: Re: Filezilla a security risk
From: Camaleón <noelamac@gmail.com>
Date: Thu, 28 Jun 2012 20:18:49 +0000 (UTC)
Message-id: <[🔎] jsie79$no$18@dough.gmane.org>
References: <[🔎] CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <[🔎] jshqlo$no$5@dough.gmane.org> <[🔎] 4FECA6FB.7090606@eisenbits.com>

On Thu, 28 Jun 2012 20:48:27 +0200, Stanisław Findeisen wrote:

> On 2012-06-28 16:45, Camaleón wrote:
>>> 1. encryption: that's the file system's job
>> 
>> True.
> 
> Hm? You mean partition encryption?

What? :-?

> It won't help much if the malware is running with file owner's uid... or
> even if the system is booted at all (if you e.g. encrypt just /home).

I don't know what you mean... "Encryption" (of the user credentials, I 
understand) is what Filezilla developers think is something that has to 
come from the OS and the file system capabilities. And that's true, in  
linux systems there are POSIX permissions you can use to prevent your 
files being accessed by others.

If your account is hosed, well, go to their second argument: "2. don't 
get the malware in the first place" ;-)

Greetings,

-- 
Camaleón

Reply to:

Follow-Ups:
- Re: Filezilla a security risk
  - From: Denis Witt <denis.witt@concepts-and-training.de>

References:
- Filezilla a security risk
  - From: francis picabia <fpicabia@gmail.com>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Stanisław Findeisen <stf.list.debian.user@eisenbits.com>

Prev by Date: Re: Slowness problem
Next by Date: Re: java alternatives
Previous by thread: Re: Filezilla a security risk
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread