On Tue, 3 Sep 2002, Zoilo wrote:
> On Tuesday 03 September 2002 18:17, John_Cuzzola wrote:
> > *** Well thinking about it a little further another possibility (without
> > running local apps) is simply to create a change rooted environment for
> > Netscape that doesn't contain an /etc/passwd file
I would guess that at some point, Netscape/Mozilla does need access
to the /etc/passwd file, so that it can figure out where
the users home directory is.
I think it would be good if Mozilla had an option to NOT allow
the 'file:' type urls.
Jim McQuillan
[EMAIL PROTECTED]
On Tue, 3 Sep 2002, J
*** Well thinking about it a little further another possibility (without
running local apps) is simply to create a change rooted environment for
Netscape that doesn't contain an /etc/passwd file. You can then use the
chroot command to launch netscape.
:)
On Tue, 3 Sep 2002, Jason A. Pattie w
It would take a bit of work, but you may want to look into process-based
security projects, i.e., grsecurity, LIDS, Medusa DS9, LSM, etc.). This
would allow you to only allow those applications that explicitly need
access to files to be able to access them. So for example, the only
applicati
*** I'm not sure there is a way to stop it and even if there was there are
s many programs that would allow you to read /etc/passwd (basically
anything with a open file dialog). I wouldn't waste my time with
it. /etc/passwd has always been readable to the users (just make sure
/etc/shadow is
