No need for AV tools on Linux, eh?

Tim ignored_mailbox at yahoo.com.au
Mon Feb 14 17:25:59 UTC 2011


On Mon, 2011-02-14 at 10:35 -0500, Daniel J Walsh wrote:
> We can prevent lots of stuff, you could run your firefox session in
> sandbox or even multiple firefox sessions within multiple sandboxes.
> We can prevent executable/writable memory checks, we can confine
> mozilla_plugin and nsplugin but most of these have to be turned off
> because things can break.

The burning questions in my mind about confining Firefox and plugins
are:

Is it hard to nail it down because it's hard to work out what to
restrict or not?

Are Firefox and plugins doing lots of things that they shouldn't really
be doing?

My suspicion is that there's a lot of bad programmers that think it
should be allowed to do anything without restriction, and they'll expend
more energy into protesting restrictions than they'll put into writing
better code.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.




