Re: Thank you, unknown genius!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Apr 09, 2008 at 16:52:52 -0500,
  Les Mikesell <lesmikesell@xxxxxxxxx> wrote:
> Craig White wrote:
> >
> >Bruno is noting that the current methods of exploitation tend to be web
> >pages, flash, java, media files and a firewall isn't going to be of much
> >help with this type of intrusion but selinux clearly could be a layer of
> >use here.
> 
> Does it actually prevent browser plugins from doing things that the 
> running user can't do in the default configuration?

Yes.

> >Yes, disabling SELinux is certainly always possible, and in fact quite
> >easy to do but that doesn't mean that it's the best choice possible.
> 
> On the other hand, if you have a limited amount of time it might be 
> better spent getting the simple layers right than on learning a complex 
> add-on layer that is still new enough that you can expect bugs.

I don't like having to trust Firefox (that's without plugins). That code
virtually has to have some bugs that will allow running arbitrary code
as the user. I think people are crazy to us propietary plugins. As events
have shown, not only to corpoartions make mistakes with their code they
also intentionally make it doing stuff hostile to the user. Having SELinux
be able to help with this stuff would be very nice.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux