[Gllug] p2p programs
Paul Rayner
paul at ylemsolutions.com
Mon Nov 14 19:04:32 UTC 2005
On 14 Nov 2005, at 18:52, Henry Gilbert wrote:
>> 5. Don't download plugins for your browser.
>
> Hi Rich,
>
> Genuine concern here.
>
> I've installed Flash, Mplayer (DivX,WMV,AVI,QuickTime), JRE, Real
> Plugins on those Linux boxes.
> Any way to mitigate any possible exploit via those?
> (ie some way of sandboxing)
Not sure about the others, but Java (JRE) does sandboxing by default.
If you ever get a message asking you to trust an applet, make sure you
*really* trust it though because if you click yes the sandbox is
removed and it has full user privileges (another reason not to browse
as root). I've been writing a signed applet for use with a linux ERP
system, and do things like modifying system files, running shell
scripts etc. With self-signing I could easily make the applet appear to
the user as if it had been signed by any authority I choose.
Regards,
Paul
--
Paul Rayner
Ylem Solutions Ltd ~ 32-38 Leman St, London. E1 8EW
Office: 020 7173 6241 ~ Mobile: 07739 143 763 ~
Paul.Rayner at YlemSolutions.com
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list