Mailinglist Archive: opensuse (3767 mails)
| < Previous | Next > |
Re: [SLE] Correct way to update programs?
- From: Randall R Schulz <rschulz@xxxxxxxxx>
- Date: Fri, 10 Feb 2006 19:00:39 -0800
- Message-id: <200602101900.39697.rschulz@xxxxxxxxx>
Anders,
On Friday 10 February 2006 18:34, Anders Johansson wrote:
> On Friday 10 February 2006 05:55, Randall R Schulz wrote:
> > Using "xhost +local:" is fairly safe, especially for a personal
> > computer.
>
> Only if you totally trust everything running on your machine.
Well, I didn't say run like that indefinitely. Just relax the
restriction, start the process and when you're done, retract it.
But if I'm running untrustworthy softare, all bets are off anyway, no?
Like I said, it's a personal computer. I'm the only user. The large
majority of the processes that run here are either root or me. Those
that are neither, yes I trust them. Postgres, Apache 2, Perforce, NTPD
and a very few others.
> If a program can connect to your X server, it can sniff your keyboard.
> Do you want a hacker getting in through a hole in a service as user
> nobody to be able to sniff your passwords?
And this hole? Where is it? How does the hacker know when I've relaxed
the X access permissions?
I've gotta say, this fear everything unknown all the time attitude does
not presuade me. That's the excuse always given to make our network at
work progressively more useless. You ask them what they're guarding
against and they say "the unknown."
Bah. Nothing is certain.
Randall Schulz
On Friday 10 February 2006 18:34, Anders Johansson wrote:
> On Friday 10 February 2006 05:55, Randall R Schulz wrote:
> > Using "xhost +local:" is fairly safe, especially for a personal
> > computer.
>
> Only if you totally trust everything running on your machine.
Well, I didn't say run like that indefinitely. Just relax the
restriction, start the process and when you're done, retract it.
But if I'm running untrustworthy softare, all bets are off anyway, no?
Like I said, it's a personal computer. I'm the only user. The large
majority of the processes that run here are either root or me. Those
that are neither, yes I trust them. Postgres, Apache 2, Perforce, NTPD
and a very few others.
> If a program can connect to your X server, it can sniff your keyboard.
> Do you want a hacker getting in through a hole in a service as user
> nobody to be able to sniff your passwords?
And this hole? Where is it? How does the hacker know when I've relaxed
the X access permissions?
I've gotta say, this fear everything unknown all the time attitude does
not presuade me. That's the excuse always given to make our network at
work progressively more useless. You ask them what they're guarding
against and they say "the unknown."
Bah. Nothing is certain.
Randall Schulz
| < Previous | Next > |