[Gllug] hello
Richard Jones
rich at annexia.org
Wed Aug 11 12:57:04 UTC 2010
On Wed, Aug 11, 2010 at 12:53:14PM +0100, Jason Clifford wrote:
> On Wed, 2010-08-11 at 12:33 +0100, John G Walker wrote:
> > > to write such a programme but Linux is just as vulnerable to social
> > > engineering type attacks as any other system, including Windows and
>
> > Surely the majority of servers as Linux ones, not Windows. If writing
> > viruses was a numbers game then we should see more Linux server viruses
> > than Windows ones.
>
> That's irrelevant. Simon specifically was talking about vulnerability to
> social engineering attacks - in which what matters is not whether you
> can crack a computer but whether you can convince the operator to give
> you access.
It's also about what the user is allowed to do. Of course if the user
can do anything including signing up to hundreds of mailing lists and
sending thousands of emails, then there will be no end to this. But
it's possible to limit what a program can do (on behalf of a user).
See for example Dan Walsh's work on SELinux limits:
http://magazine.redhat.com/2008/07/02/writing-policy-for-confined-selinux-users/
http://danwalsh.livejournal.com/37185.html
Rich.
--
Richard Jones
Red Hat
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list