[linux-elitists] Comprehensive list of Linux malware
Fri Nov 19 13:15:17 PST 2004
* Andrew Kohlsmith (email@example.com) [041119 16:03]:
> The user's web browser and email client actually run on their alternative
> login, and the point-n-click interface seamlessly sudo's to the intarweb user
> in order to use these applications. Thus any malware cannot directly attack
> the user's home directory or data.
> For added protection the intarweb user could have certain restrictions placed
> upon it -- say the inability to run su or sudo, and perhaps a GUI-level lock
> which prevents any dialog boxes or modal windows from popping up without a
> visible and unobscurable "scar" indicating that the window in question is NOT
> a normal system window.
> Not a perfect solution but certainly one which it would significantly raise
> the bar on making applications which could trash a user's data or present
> them with password entry screens which would allow the attacker to get at the
> user's data.
This makes it kind of hard to say, save a file that you might actually
want to be able to actually do something with though, doesn't it?
http://www.rickbradley.com MUPRN: 910
| (BlakeR1234@aol.com) on
random email haiku | open or resolved (but
| not verified) bugs.
More information about the linux-elitists