Mailinglist Archive: opensuse (2225 mails)

[Anders Johansson <ajohansson@xxxxxxx>]

On Thursday 05 November 2009 04:44:06 Basil Chupin wrote:
> > huh? Every linux user knows that when he downloads an executable program,
> > he has to do "chmod u+x" on it before he can execute it.
>
> Until just now, I have never been told to do this :-) .

I'm starting to wonder if you're having a laugh

> >  At no point in this
> > advice is it said they have to su to root first. In file managers, the
> > interface allows you to change permissions on files to your heart's
> > content.
>
> Ce? "To [one's] heart's content"? Surely you mean if you are the owner
> of the file.

well, yes

> So basically you are saying that when I was told, and I have told many
> other people same, that Linux was secure and unhackable,

There is no such thing as "unhackable". Linux is more secure, but dangers lurk 
everywhere

> unlike our
> "friend", that Linux is just as vulnerable to all sorts of hank-panky if
> someone sat down and tried to exploit the sort of vulnerabilities
> mentioned here?

I haven't seen any mention of vulnerabilities in this thread

But what you're talking about now, about file permissions, is just silly. You 
have been on this list for a very long time, I refuse to believe that you 
don't know this. chmod is one of the most basic tools there are, you *must* 
have worked with it

Anyway, the point is that anything you can do can be done by programs executed 
by you. To some extent you can limit it using tools such as AppArmor, but 
basically, programs executed by you *are* you, as far as the kernel is 
concerned

> The bottom line, then, is that what the OP raised about Adobe Flash is
> an exploitable feature in Linux, right?

The OP complained that flash stored cookies and cached objects. I didn't see 
any mention of any exploit or security issue.

Anders
-- 
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx