On Jo, 27 ian 22, 21:44:07, Nicholas Geovanis wrote: > On Wed, Jan 26, 2022, 12:39 PM Andrei POPESCU <andreimpopescu@gmail.com> > > > > And please don't bother to reply with "there are no other users on this > > system I should worry about", the bad guys could still find ways to get > > in, e.g. via a compromised browser, regardless if you are behind a > > firewall or not[1]. > > Servers don't have browsers installed on them, for exactly this reason. (already addressed by Vincent) > I think your argument above that is a red herring. Because file attribute > modification detection should be running regularly. On home machines as > well as servers. Without that, "keeping the system up-to-date" will not > prevent intrusion. I'm missing the connection between this vulnerability and file attribute modification detection, please elaborate. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser
Attachment:
signature.asc
Description: PGP signature