> Now, a harden web server is now built with LIDS, It is more and
> more difficulty and even impossible for a hacker to change your pages.
I crack your X server. I get iopl3, I erase your disk flash firmware. You
look very silly.
LIDS is a useful tool but it isnt a complete security model. At the very
least you need to be revoking capabilities globally and also protecting
any downloadable firmware (eg sound cards) from tampering.
An alternative approach is compartmentalisation.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
