User: Password:
|
|
Subscribe / Log in / New account

Desktop malware risk gets raised and patched

Desktop malware risk gets raised and patched

Posted Feb 26, 2009 19:28 UTC (Thu) by raven667 (subscriber, #5198)
In reply to: Desktop malware risk gets raised and patched by drag
Parent article: Desktop malware risk gets raised and patched

What you are looking for is largely implemented using SELinux policies and extended attributes to
files that include security tag information. SELinux policies are being pushed into X and used to
manage Firefox as well as most of the other network connected software on your system. This has
largely already been accomplished, if you are running a reasonably recent copy of Fedora (from the
last several years) all this stuff exists and is enabled by default. As long as the applications behave
and the policies are right the underlying protection is pretty unobtrusive.

While we stand around and talk about how browser and desktop security should work in the future,
others are actually taking care of the problem and before anyone realizes it has happened it will all
be done.


(Log in to post comments)

Desktop malware risk gets raised and patched

Posted Feb 26, 2009 23:52 UTC (Thu) by drag (subscriber, #31333) [Link]

> While we stand around and talk about how browser and desktop security should work in the future, others are actually taking care of the problem and before anyone realizes it has happened it will all be done.

That's good people are putting work into it.

It's definitely something that needs to be touted then if the work is getting done. It can be a very important selling point for some people... especially corporations that hand laptops out to salespeople and whatnot. Since they are not in their corporate sandbox then there is very little IT people can do to control the environment in which these things run.

Being able to not only lock down the desktop to secure it without restricting user's ability to use and get the full benefit of the OS environment is a huge thing and is something you can't get from Windows.

This sort of thing would be a real, obvious, and tangible benefit to switching to Linux.

Desktop malware risk gets raised and patched

Posted Feb 28, 2009 21:33 UTC (Sat) by rahulsundaram (subscriber, #21946) [Link]

Fedora has been doing a lot of desktop SELinux work including xguest and lock down of common desktop programs including dbus and browser plugins. A few references:

http://james-morris.livejournal.com/39013.html
http://danwalsh.livejournal.com/13376.html


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds