On Thu, Dec 12, 2002 at 11:57:22PM +0100, Lukas Ruf wrote: > So, my question is quite easy: wouldn't it be more secure if mozilla > was installed by dselect/apt-get/dpkg with set-uid to nobody.nogroup? (snip) > What do you think?
Since you asked, I think it would be a waste of time. Provided your user account has normal user "style" privileges there's little damage an exploit in an application running as your user can do to the system. So, what exactly are you looking to accomplish by changing the user and group that the application runs as? Additionally, Linux is frequently installed on multi-user systems, thus the central cache and download location would be a hassle. -- Jamin W. Collins -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
