Re: Packet sniffing regular users

2005-03-03 Thread David Mandelberg
Alvin Oga wrote: ah .. good point ... I make no distinction between local access vs physical access in that if the server is behind the locked door, it'd be better than if it's on the corp server in the next open cubicle on the same cat 5 wires, hubs and switches etc Physical access means they

Re: Packet sniffing regular users

2005-03-02 Thread David Mandelberg
s. keeling wrote: Do you understand what "anyone can see anything" really means? Have you pumped tcpdump output into ethereal lately? "anyone can see anything" really means anyone can see anything. Think about it. And what's the real reason why you don't want to bother with sudo? I'm curious,

Re: Packet sniffing regular users

2005-03-02 Thread David Mandelberg
s. keeling wrote: ... "should be" != "are". Are you sure no-one there's using telnet, ftp, etc? If they send their confidential data unencrypted, that's not my fault, and there's not much I can do to stop them (even if I somehow make it impossible on my computers, they could still go to a library

Re: Packet sniffing regular users

2005-03-02 Thread David Mandelberg
s. keeling wrote: Isn't it generally accepted that black hats who get local access (i.e., a user login account) is _much_ worse than black hats who've been kept out? Assuming black hat wants root, taking over a user's account is a very big first step. I would take the security of your user's

Re: Packet sniffing regular users

2005-03-02 Thread David Mandelberg
Alvin Oga wrote: "no more telnet, no more pop3, no more wireless, no more anything that is insecure" Those are not insecure: using them unwisely is. Telnet over a VPN is just as secure as ssh with password authentication. The same goes for pop3/pop3s. Wireless is completely different

Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

2005-01-21 Thread David Mandelberg
archives at lists.ubuntu.com for the "Scary .desktop behaviour" thread. I was pondering complicated solutions with alternate stream hacks (like XPSP2 uses), but your suggestion is much simpler and would require minimal changes to the system. On Wed, 2005-01-19 at 06:52 -0500, David Mandelberg

Re: .desktop arbitrary program execution

2005-01-19 Thread David Mandelberg
Rick Moen wrote: Quoting David Mandelberg ([EMAIL PROTECTED]): Attached. Save to your GNOME/KDE desktop (like many newbies do) and double click the new icon. .desktop files (currently) don't need the x bit set to work, so no chmod'ing is necessary. I'm sorry, but the question

Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

2005-01-19 Thread David Mandelberg
--(-) b++(+++)@ DI? D? G e- h* r? z* --END GEEK CODE BLOCK-- David Mandelberg [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: .desktop arbitrary program execution

2005-01-19 Thread David Mandelberg
Rick Moen wrote: Quoting David Mandelberg ([EMAIL PROTECTED]): You also asked a question about something I didn't say (I said that the person had to open it). Actually, no, you didn't. (Presumably you intended to, though.) Your question spoke of opening a particularly-named

Re: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution

2005-01-18 Thread David Mandelberg

Re: .desktop arbitrary program execution (was: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution)

2005-01-18 Thread David Mandelberg
Rick Moen wrote: Quoting David Mandelberg ([EMAIL PROTECTED]): Do you mean to say that opening message.txt\t\t\t.desktop which happens to be a freedesktop.org compliant launcher for the program rm -rf $HOME is safe because it's designed for people running one of the F/OSS products GNOME or KDE

Re: rm files owned by root?

2005-01-02 Thread David Mandelberg