Moat of the advanced persistent threats (APT) are initiated via e-mail. Opening an attachment or clicking on a web link starts the process. Why isn't Firefox and Evolution confined with SELinux policy in a way that APT can't damage the rest of the system? Why are we not sandboxing these two apps with SELinux? I've discovered some guidance for sandboxing Firefox using the 'sandbox' command. Once I test it a bit, I'll post the results back here. Seems to me that if this works, it should be the default. DaveM _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- From: David McGuffey <davidmcguffey@xxxxxxxxxxx>
- Date: Thu, 06 Dec 2012 21:05:00 -0500
- Delivered-to: centos@xxxxxxxxxx
- Follow-Ups:
- Re: Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- From: Gordon Messmer
- Re: Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- From: Rob Townley
- Re: Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- From: Daniel J Walsh
- Re: Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- Prev by Date: Re: awk awk
- Next by Date: Re: awk awk
- Previous by thread: awk awk
- Next by thread: Re: Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- Index(es):
 |