Omer Zak wrote: > Great work! Even if we are not happy with the implications of your > findings.
I'm glad you finally acknowledge the problem exists in the ultra secure Unix environments aswell. :) As I said, the problem is with the developers, too. > I use Evolution in the Gnome desktop. Evolution presumably has a > similar hole, as well, because it allows the user to view an attachment > using software chosen according to the attachment's MIME type. Yes, that's a common feature. Many users like that, and it gives a more familiar feel... > Now: what technical changes can be done to make KMail, Evolution and > other E-mail software running under Linux and *BSD more secure, besides > complete removal of this feature? That's an interesting question and is where I focus most of my work for the last 5 years. :) There are many ways to do this - it all depends on the nature of the machine. One thing many admins liked in Stephanie is TPE that just prevented users from executing code (binaries/scripts) from untrusted locations. Another way of doing this is what I'm now implementing in NetBSD, called Verified Exec. This is a rather cool concept that I'm probably going to lecture about in Haifux (and hopefully TAUSEC, I think it's more appropriate there..) and some other developers brain-stormed some very cool new features for it - some take security in open-source OSs a step forward. There are of course many other solutions to various other problems; the problem you state above is (ugh!) a feature that needs very careful handling. This is all off-topic here, though... -e. -- Elad Efrat PGP Key ID: 0x666EB914 ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
