Re: Clamav

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Bruno Wolff III" <bruno@xxxxxxxx>
Sent: Saturday, 2010/April/17 06:23


> On Fri, Apr 16, 2010 at 20:29:25 -0700,
>  Craig White <craigwhite@xxxxxxxxxxx> wrote:
>>
>> Clearly no OS is safe from exploit. The most effective security method
>> employed on Linux is simply not to run as superuser where most Windows
>> and Macintosh users are running as superuser and the software leaves it
>> to the user to figure out how to run with less privileges (very possible
>> but not the typical usage).
>
> I disagree. This can help with restoring a system, but is more useful
> for protecting users from each other than users from malware. User
> accounts have all of the power needed to replicate malware. User accounts
> have valuable data (may be private or hard to recreate), where as data
> owned by root typically isn't. There have historically been a lot of local
> root exploits on linux systems that allow malware to elevate its
> privilieges.
>
> I think selinux is going to of more use in this area than standard unix
> file system privileges and having a separate root account. It won't solve
> all of the problems, but it can help protect users from processes running
> as themselves.

Heh, you get it. SELinux is a anti-malware software.

{^_-} 

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux