[Gllug] p2p programs
Rich Walker
rw at shadow.org.uk
Mon Nov 14 19:11:14 UTC 2005
Henry Gilbert <henry.gilbert at gmail.com> writes:
>> 5. Don't download plugins for your browser.
>
> Hi Rich,
>
> Genuine concern here.
>
> I've installed Flash, Mplayer (DivX,WMV,AVI,QuickTime), JRE, Real
> Plugins on those Linux boxes.
> Any way to mitigate any possible exploit via those?
> (ie some way of sandboxing)
Yes: don't run a browser as root!
Personally, nothing gets installed here unless it is
(1) a debian package from a sanre repositiory
(2) compiled from source.
(Sometimes I go so far as to check the md5sums of downloaded tar files,
but not always).
If the plugins you are using are "vendor-supplied" then the vendor will
do security management; as long as you get the security updates in a
timely manner, you'll be fine.
cheers, Rich.
> --
> Gllug mailing list - Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
--
rich walker | Shadow Robot Company | rw at shadow.org.uk
technical director 251 Liverpool Road |
need a Hand? London N1 1LX | +UK 20 7700 2487
www.shadow.org.uk/products/newhand.shtml
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list