SELinux
Daniel J Walsh
dwalsh at redhat.com
Thu Jan 20 21:24:03 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/20/2011 04:17 PM, Kostas Sfakiotakis wrote:
> < snip >
>
>>> Using evince would be an improvement, but I wouldn't trust it to
>>> read PDFs that I thought had a significant chance of being
>>> trojans.
>> sandbox -X evince random.pdf
>>
>> On Fedora or RHEL6, as a normal user would run the pdf with a locked
>> down sandbox.
>
>
> What exactly is sandbox ? If i understand things correctly then this
> sandbox
> thing is some "shell" or something , so whatever the random pdf does it
> affects only that "shell" and nothing outside it
http://danwalsh.livejournal.com/31146.html
http://danwalsh.livejournal.com/31247.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk04p/MACgkQrlYvE4MpobNVLQCfZr7xMVUMjfI0wL8zQilTq0Zj
T1sAoJTiQdOMReBLOgbs8X2PyhqdQ19l
=o3BA
-----END PGP SIGNATURE-----
More information about the users
mailing list