Hi, Jacob wrote: > I disagree in practice - if someone can pop a shell as the Amnesia > user, they can jump to the i2psvc by using the sudo rule and then > attacking I2P. That concern seems to point toward a different > solution. Furthermore, it suggests that an actual I2P user should not > be so easy to deanonymize. That won't come from the firewall > protection, I guess.
If someone can run code as the 'amnesia' user your are lost anyway because he then controls input/output and therefore can do anything the real user can do. HW42
signature.asc
Description: PGP signature
_______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
