Local system security
Matt McCutchen
matt at mattmccutchen.net
Wed Jan 5 19:10:09 UTC 2011
An aside:
On Wed, 2011-01-05 at 11:12 -0500, Adam Jackson wrote:
> (And of course what we're doing here is protecting against a malicious
> attacker who already has enough privileges to run code on your system,
> which means you're pretty far into having already lost. Meh.)
I've seen this viewpoint a number of places. IMO, it's a shame that the
community seems to be giving up on local system security. In various
situations, it would be quite convenient if I could give other people
shell accounts on my machine without risking compromise of all of my
data. The virtualization solutions are more work to set up. If what
you say is right, the many schools that still use large shared shell
servers are relying on their users not to be too evil, or alternatively
the users shouldn't use the servers for anything important.
--
Matt
More information about the devel
mailing list