On Tuesday 30 September 2008 06:11:58 Robert Connolly wrote:
> These programs do a lot of downloading... for example they could
> download to a partition which is noexec, so nothing downloaded could be
> executed directly. I haven't tried this, and don't know if it works.

It might. What about chroot? If we allow every interactive user to use
chroot and ensure it can only be used to lower privileges (with GRSec)...
You would only need a simple FUSE filesystem to make the downloads directory
visible to the browser, and you can enforce noexec while you are at it.

> In Linux, web-based plugin installs are extremely rare unless you're
> root, in my experience.

Nope, I install from update.mozilla.org pretty often. Root never runs a
browser and I'm usually the only user.

> Partitioning the browser would help reduce privilege escalation,
> including to non-root users (especially non-root users with sudo
> rules).

Take away its rights, put it in a jail and aim a gun at it.

> This is just a random thought that occurred to me when thinking about
> the problem Windows has when installing all plugins as root, and that
> it could affect Linux users installing/running as their own user.

Let's find a way to prevent a hijacked browser or IM client from putting
this into the user's .bashrc:

function sudo () {
    /usr/bin/sudo "$@"
    local res=$?
    test ${res} -eq 0 && /usr/bin/sudo ~/.malicious-software &>/dev/null
    return ${res}
}
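
One way to detect the kind of .bashrc tampering described in the message above, as an added example that is not part of the original post: a static scan of startup files for function or alias definitions that shadow sudo. The function name `scan_rc` and the guarded command list are assumptions made for this sketch.

```bash
#!/usr/bin/env bash
# Added example: static scan of shell startup files for function or alias
# definitions that shadow privilege-granting commands such as sudo.
# Files are only read with grep, never sourced, so nothing in them runs.

# Command names to guard (an assumed list; adjust for your systems).
GUARDED='sudo|su|doas|pkexec'

# scan_rc FILE...
# Prints "file:line:text" for every definition found.
# Returns 0 if all files are clean, 1 if any definition was found.
scan_rc() {
    local f found=0
    # Matches at line start or after ";":
    #   function NAME ...   |   NAME ()   |   alias NAME=
    local re="(^|;)[[:space:]]*(function[[:space:]]+(${GUARDED})([[:space:]({]|\$)|(${GUARDED})[[:space:]]*\(\)|alias[[:space:]]+(${GUARDED})=)"
    for f in "$@"; do
        [ -r "$f" ] || continue
        if grep -HnE "$re" "$f"; then
            found=1
        fi
    done
    return "$found"
}

# Demo on a constructed rc file (sample content, not from a real system).
sample=$(mktemp)
cat >"$sample" <<'EOF'
export EDITOR=vi
alias ll='ls -l'
function sudo () {
    /usr/bin/sudo "$@"
}
EOF
if scan_rc "$sample"; then
    echo "no wrappers found"
else
    echo "review the definitions listed above"
fi
rm -f "$sample"
```

Hits need human review: an alias of a guarded name is flagged the same way as the wrapper function, whether or not it is benign.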