[ale] Linux Distributions
Jim Popovitch
jimpop at yahoo.com
Tue May 17 15:45:02 EDT 2005
On Tue, 2005-05-17 at 15:17 -0400, George Carless wrote:
> > If everything on the PC is specific to that one user (root or
> > otherwise), then there is no worse harm running the buggy app as root or
> > user xyz. In fact a good argument can be made that you are introducing
> > a false sense of security by what you say above. Do you REALLY know
> > what that buggy app just did?
>
> Eh?
If you run your browser as user bob, how do you really know that
java/javascript/flash/realplayer/etc. didn't just do a malicious thing
that did in fact gain root privileges via any local root exploit (like
the ones just announced in kernel 2.6.11)?
-Jim P.
More information about the Ale
mailing list