On Fri, Apr 04, 2003 at 01:15:25PM +0800, -JhAzEr- wrote: > I Agree! i've got a glimpse of LIDS's capabilities and it's really amazing. > Imagine if root can't delete a certain file, whether it's a configuration > file or a binary file. How about hiding your /etc/passwd file or your whole > /etc directory with only the programs accessing it which has access through > it. Imagine also if you can hide a certain process/es and even if you're > root you cannot view it. And many more! ;)
Note that LIDS has had its share of critical security bugs that result in compromising LIDS protections and other privilege escalation problems. NSA's SELinux hasn't been too widely deployed yet, but may provide a better solution. -- Rafael R. Sevilla <dido at imperium dot ph> +63(2)8123151 Software Developer, Imperium Technology Inc. +63(917)4458925 "Patriotism...is nothing else but a means for obtaining for the rulers their ambitions and covetous desires, and for the ruled the abdication of human dignity, reason, and conscience, and a slavish enthralment to those in power." _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
