[ale] Trojan mpg123 alert
Jason Day
jasonday at worldnet.att.net
Mon Jan 20 10:34:05 EST 2003
On Wed, Jan 15, 2003 at 11:03:06PM -0500, Stephen F Nicholas wrote:
> Slap me if I read this incorrectly. People surf the web under their root
> account ?? :-(
I haven't read Bob's book (yet :)), but when I read Dow's message I
thought Bob was recommending creating a special user account just for
browsing the web. In other words, run X as your normal user (not root).
But when you want to run a browser, ssh to localhost and login as the
browser user, then start the browser as that user. That way, you can
minimize the damage if your browser process gets compromised.
>
> On Wed, 15 Jan 2003, Dow Hurst wrote:
[...]
> > Bob recommends web browsing as a separate user. Especially if you are
> > using plugins, java, or javascript enabled. I think ssh'ing to your
> > machine as the untrusted user to run the apps would work okay. Or, for
> > the dual screen people, instead of running Xinerama, use two separate
> > Xservers and log in as separate users.
--
Jason Day jasonday at
http://jasonday.home.att.net worldnet dot att dot net
"Of course I'm paranoid, everyone is trying to kill me."
-- Weyoun-6, Star Trek: Deep Space 9
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list