Hi, [please don't Cc me, I read the list.]
temp238...@ruggedinbox.com wrote (29 May 2015 17:34:44 GMT) : > If someone can get an shell on Tails, they can get a lot of hardware > information > without root. Dmesg is stopped, but any user can run 'cat /proc/cpuinfo' > 'lsusb' and > 'lspci', which makes it easier to identify the user. That's right. > Someone can use something like a Firefox exploit on the unsafe > browser to get a shell. Indeed, even our minimal AppArmor confining of some applications doesn't try very hard to block access to such information. > Is there a way to stop regular users from getting this info? I'm afraid this can't be really fixed without switching to a Whonix/Qubes design. This is one of the possible major goals we might decide to go for in 2016-2018, but it's not been decided yet. Cheers, -- intrigeri _______________________________________________ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
