On Wed, Apr 15, 2009 at 10:24 AM, Null Ack wrote:
> X security. He makes what seems to be a very sound suggestion about
> Plash and hooking into GTK, thus overcoming the problem of needing to
> in advance make determinations about what a desktop user might do and
> the X security problems.
Chromi
> I guess I was hallucinating working on the apparmor profile for
> clamav-daemon and freshclam (also run as a daemon) today.
>
Thats great, though Scott please don't make the mistake of taking a
strawman approach. What I said was about AppArmor defaults. I dont see
my current dev build of the des
On Wed, 15 Apr 2009 11:03:26 +1000 Null Ack wrote:
>Considering some noise happening in the blog space over a Linux
>magazine article about security problems with Ubuntu server I think we
>should re-visit this topic. The article is at:
>
>http://www.linux-mag.com/id/7297/2/
>
>The key criticisms o
Thanks Mathias. I note that discussion is limited to the Server build,
whereas this discussion has both desktop and server build topics.
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-
On Wed, Apr 15, 2009 at 11:03:26AM +1000, Null Ack wrote:
> Considering some noise happening in the blog space over a Linux
> magazine article about security problems with Ubuntu server I think we
> should re-visit this topic. The article is at:
>
> http://www.linux-mag.com/id/7297/2/
>
> The ke
Considering some noise happening in the blog space over a Linux
magazine article about security problems with Ubuntu server I think we
should re-visit this topic. The article is at:
http://www.linux-mag.com/id/7297/2/
The key criticisms of Ubuntu server raised by Linux magazine are:
1. Default p
Gday John,
Good to see another Aussie on the list and contributing some top info :)
I've looked into Plash and I think your suggestion is excellent.
I was thinking of a two pronged approach:
1. AppArmor / SELInux or whatever static like central policy to
contain deamons, as these services typic
On Mon, Mar 16, 2009 at 3:13 PM, Null Ack wrote:
> * Having AppArmor actually protecting the desktop build rather than
> what seems as currently a false illusion of coverage with just CUPS
> being protected
The big problem with GUI apps, is that Xorg was not really designed to
be secure, so apps
2009/3/16 Mackenzie Morgan :
> Oh, and um...ufw enabled *for IPv6* as well.
If not already done, depends on a separate blueprint for enabling ufw
with a default deny policy.
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://li
On Monday 16 March 2009 2:13:34 am Null Ack wrote:
> Gday folks :)
>
> There is difference between what I foresee as sensible security
> defaults for our desktop build against what is being currently
> delivered. It may very well be that there is aspects to the current
> setup that I am not fully
10 matches
Mail list logo