On Thu, Dec 12, 2002 at 11:57:22PM +0100, Lukas Ruf wrote:
> So, my question is quite easy: wouldn't it be more secure if mozilla
> was installed by dselect/apt-get/dpkg with set-uid to nobody.nogroup?
> /* Of course, this would make impossible to download files into one's
>    home directory except it was world writable -- and caching files
>    would cause either more headache or the appropriate directory would
>    require world writability, too.
>    But Linux is quite often used on personal stations where only one
>    user account exists, e.g. on my laptop. In this case, I would
>    prefer writing the downloaded files to /tmp all the time and having
>    world writable caches but would get little more security. */
> I could imagine an installation option in --preconfigure like with
> sshd.

i think this would cause more problems than it would create. cache files,
x authentication, and downloading files all come to mind. whatever you
might do to get around these limitations would probably be a greater
security risk than the reason for doing this in the first place.

as a simple rule of thumb, don't give your normal/browser user the
privileges to break anything important. that is, you shouldn't run
on your X desktop as root, you shouldn't give your normal user write
privileges to any important files, etc. for example, i even have my
personal music collection mounted such that i can't modify it without
su'ing. unlike a certain other operating system, you can't overwrite
kernel memory with a buggy email client.

but if you _really_ wanted to do this, no-one's stopping you, you
can already do it quite easily:

    alias mozilla='su root -c "su nobody -c mozilla"'

but don't expect it to work, for one of the reasons outlined above.

sean

