Local system security
Matt McCutchen
matt at mattmccutchen.net
Wed Jan 5 21:57:48 UTC 2011
On Wed, 2011-01-05 at 16:13 -0500, Adam Jackson wrote:
> On Wed, 2011-01-05 at 14:10 -0500, Matt McCutchen wrote:
> > On Wed, 2011-01-05 at 11:12 -0500, Adam Jackson wrote:
> > > (And of course what we're doing here is protecting against a malicious
> > > attacker who already has enough privileges to run code on your system,
> > > which means you're pretty far into having already lost. Meh.)
> >
> > I've seen this viewpoint a number of places. IMO, it's a shame that the
> > community seems to be giving up on local system security. In various
> > situations, it would be quite convenient if I could give other people
> > shell accounts on my machine without risking compromise of all of my
> > data. The virtualization solutions are more work to set up.
>
> You're putting words in my mouth just a little.
>
> The existing discussion was about denial of service attacks.
OK, I misunderstood. Reading your remark by itself, I thought it
referred to confidentiality and integrity too.
--
Matt
More information about the devel
mailing list