Denis HAVLIK wrote:
[...]
> :~>What I mean is a smallish graphic utility somewhere on the Mandrake
> :~>desktop (it would be great if someone added this to graphic filemanagers
> :~>too) that would let the user to, say, 'lock/seal/secure this
> :~>directory/file' by removing write access (dirs) and executing 'chattr
> :~>+i' (files) through a grpahic 'su' wrapper (ksu/gsu). In a graphic
> :~>manager, such directories/files could be marked in a special way.
> :~>
> :~>Access rights prevent the hypothetical virus from destroying the whole
> :~>system, but what counts most for a user is his own data, after all. A
> :~>tool like above (or a filemanager feature) would IMVHO go a way towards
> :~>avoiding data loss catastrophies, not only virii-related - a mistyped
> :~>'rm -f' would also be less dangerous that way. All it would take would
> :~>be for the user to 'lock' those directories they can't afford to lose.
> :~>
> :~>What do you think?
>
> Would not help you much. What WOULD help is having all programs started
> from mail programs chrooted to somewhere where they cannot do any damage.
That's OK for e-mail attachments, but the locking thingy would be more
general.I've had a few accidents so far with an imprudent use of 'rm'
('mc' has this bug that sometimes there's a problem with the sub-shell
you get by hitting 'Ctrl-o' - the prompt is not visible, and the 'pwd'
is not what was in the panel). In one case a FAT partition was involved
- tough luck, twelve hours of advanced data recovery training. But in
the case of ext2 partitions, I still think the 'sealer' could be useful
for a typical home user (I can always do exactly the same from
command-line). And of course it doesn't exclude the sandbox for e-mail
attachments in any way, we can have both - too many security options is
not a problem.
> Dr. Denis Havlik <http://www.ap.univie.ac.at/users/havlik>
--
Grzegorz Staniak <[EMAIL PROTECTED]>
