-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Thursday 2008-01-10 at 18:25 -0700, Don Raboud wrote:
PDF files can have internal macros to make this happen. I have heard
of at least one company that has implemented the logic.
Had to rescue the page for the occasion, sorry for the
currently unavailable links to helping.net.
http://justwars.com/linux/Adobe-Acrobat-Spying-on-Users.html
Among the options one can set in Acrobat reader is to specify a proxy which I
usually set to 127.0.0.1 to avoid things like this. (I am not paranoid, just
don't like the very idea.) Of course, being closed source one has no idea if
acrobat reader honors these settings or not.
I read about a trick to block in the firewall packets originating from a
program running with a certain GID:
] Date: Sun, 17 Apr 2005 18:52:27 +0200
] From: nordi
] To: suse-security@
] Subject: Re: [suse-security] How to block Acroread 7 with SuSE FW2?
]
] In order to block that traffic you could make the acroread executable
] SGID 'acro' and then block all traffic coming from group 'acro'.
] Iptables has an option for doing this by using the --gid-owner option.
] Of course that works only with a local firewall.
] Date: Mon, 18 Apr 2005 15:56:26 +0200
] From: nordi
] To: suse-security@
] Subject: Re: [suse-security] How to block Acroread 7 with SuSE FW2?
]
] Carl A. Schreiber wrote:
]> I'd like to learn more about this, would you mind to give an example
]> for such a rule?
]
] I did it with the following rule:
] iptables -A OUTPUT -m owner --gid-owner talker -j REJECT
]
] Then I set /usr/bin/netcat to be owned by group 'talker' and to mode
] 2755 (SGID). After that I could not connect anywhere with netcat. Once I
] chmodded netcat back to 755 it worked again.
- --
Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
iD8DBQFHhtILtTMYHG2NR9URAkbvAJ97TZNMCFFM5dxUIvfzIzgx8qbDRwCeMMbO
6loY9J/tdF2i+Xn9FBmil7w=
=fUaP
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
