Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
From: Derek Fawcus
Date: Thursday, October 4, 2007 - 3:56 pm

On Wed, Oct 03, 2007 at 01:12:46AM +0100, Alan Cox wrote:

well,  being sick of the number of times one has to upgrade the browser
for exploits,  I addressed it in a different way.

I ran firefox setuid to a different (not my main user),  uid+gid,  gave
my main account that gid as a supplemental group,  and gave that uid
access to the X magic cookie.

...  which only changes the nature of any exploit that might occur - any
injected code would have to go via X to attack my main account.

DF
-
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Christoph Hellwig, (Sun Sep 30, 2:53 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Derek Fawcus, (Thu Oct 4, 3:56 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Eric W. Biederman, (Mon Oct 8, 10:20 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Eric W. Biederman, (Mon Oct 8, 11:47 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Eric W. Biederman, (Mon Oct 8, 12:29 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Eric W. Biederman, (Mon Oct 8, 12:50 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Eric W. Biederman, (Wed Oct 10, 6:48 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ..., Kazuki Omo(Company), (Mon Oct 29, 9:01 pm)