On Mon, 14 Oct 2019 07:07:18 +0200 "J. Fahrner via Dng" <dng@lists.dyne.org> wrote:
> Am 2019-10-14 01:01, schrieb tom: > > Why in gods name does a centralized instant messenger require root > > privileges on your machine? > > Signal uses the electron framework for running in a sandbox. Electron > uses the Linux user namespaces feature for building the sandbox, but > this seems to be disabled in most distros. So they are using a setuid > helper as a workaround. See here: > https://github.com/electron/electron/issues/17972 > > But I don't want to install setuid apps from untrusted sources. > > Jochen > _______________________________________________ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng Best mount your home partition with options nosuid,nodev and if you don't run binaries from your homedir and only use system installed binaries noexec. -- _________________________________ / If you can't read this, blame a \ \ teacher. / --------------------------------- \ \ /\ /\ //\\_//\\ ____ \_ _/ / / / * * \ /^^^] \_\O/_/ [ ] / \_ [ / \ \_ / / [ [ / \/ _/ _[ [ \ /_/ _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
