Ok, thanks a lot for your patience with this !
> The kinds of attacks you're talking about--bad emails, trojan web
pages, etc. may seem like remote attacks, but from an OS standpoint,
they're really not: they originate someplace else, but they trick
users into doing something locally, and they nee
On 5/26/05, Stephan Wehner <[EMAIL PROTECTED]> wrote:
> Thanks a lot for your reply. -- Are you saying there is too much
> overhead or the end result is not worth any overhead??
>
> Why bother chrooting apache, for example, and not leaving it with your
> recommended systrace?
>
> My question is m
Thanks a lot for your reply. -- Are you saying there is too much
overhead or the end result is not worth any overhead??
Why bother chrooting apache, for example, and not leaving it with your
recommended systrace?
My question is motivated by exploits through Internet access; it seems
to me server
Stephan Wehner wrote:
> Mainly I'm worried about running a lot of user applications which
> connect to the Internet. But I can't estimate the overhead.
>
choose wisely your applications and systrace(1) would most likely give
you some extra security.
> Please don't reply to a message when starting a new thread.
Ok.
> What problem are you trying to solve? If the user is chrooted into the
> home directory, what programs would they run?
No, I had in mind all home directories set below an extra root:
/separate/usr/... /separate/etc... and /se
Stephan Wehner wrote:
Does it make sense to run the "Desktop" (e.g., X11 / Gnome / clients)
chroot'ed? Non-technical users can live without all the rest.
Please don't reply to a message when starting a new thread.
What problem are you trying to solve? If the user is chrooted into the
home di
Does it make sense to run the "Desktop" (e.g., X11 / Gnome / clients)
chroot'ed? Non-technical users can live without all the rest.
Stephan
7 matches
Mail list logo