:~>Hi,
:~>
:~>I've been reading all the security info on Outlook virii recently,
:~>installing procmail traps for my users, and discussing with friends the
:~>possibility of such threats appearing on Linux (and unices in general).
:~>While the probability of somebody writing an e-mail client that would
:~>lauch executables with a single click is (hopefully) a remote one, and
:~>it really takes some effort and a lot of stupidity to use '/bin/sh' as
:~>your Netscape viewer for 'application/x-sh', it seems certain that at
:~>some time in the future Linux will be the target of virus attacks of
:~>sorts. Now, I think one could try (apart from educating users and
:~>avoiding risky 'features' in programs) to help users make their valuable
:~>data more secure by using ext2 file attributes and Linux access rights.
:~>What I mean is a smallish graphic utility somewhere on the Mandrake
:~>desktop (it would be great if someone added this to graphic filemanagers
:~>too) that would let the user to, say, 'lock/seal/secure this
:~>directory/file' by removing write access (dirs) and executing 'chattr
:~>+i' (files) through a grpahic 'su' wrapper (ksu/gsu). In a graphic
:~>manager, such directories/files could be marked in a special way.
:~>
:~>Access rights prevent the hypothetical virus from destroying the whole
:~>system, but what counts most for a user is his own data, after all. A
:~>tool like above (or a filemanager feature) would IMVHO go a way towards
:~>avoiding data loss catastrophies, not only virii-related - a mistyped
:~>'rm -f' would also be less dangerous that way. All it would take would
:~>be for the user to 'lock' those directories they can't afford to lose.
:~>
:~>What do you think?
Would not help you much. What WOULD help is having all programs started
from mail programs chrooted to somewhere where they cannot do any damage.
my 2c
Denis
--
-----------------------------------------------------
Dr. Denis Havlik <http://www.ap.univie.ac.at/users/havlik>
Mandrakesoft ||| e-mail: [EMAIL PROTECTED]
Quality Assurance (@ @) (private: [EMAIL PROTECTED])
-------------------oOO--(_)--OOo---------------------
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me
spread! ([EMAIL PROTECTED])
