On Wed, Dec 2, 2009 at 01:33, Rob Owens <row...@ptd.net> wrote:

> Don't forget about the *.desktop files that several desktop environments
> use to launch programs from their desktop.  They can execute files
> without the "x" permission set.  Although I think one of the major DE's
> fixed that security hole (but I can't remember which).

I think that was the proof of concept someone mentioned.

For security there's Bastille Linux, which (I guess) is similar to
harden_suse - does a lot of little changes to harden your system. I
didn't really like it, but it might be worth a try. Using an IDS
wouldn't be a bad idea also, tutorials abound.

I think it's worth repeating that even without privilege escalation, a
compromised user account could do a lot of damage - spambot for one.

-- 
()  ascii-rubanda kampajno - kontraŭ html-a retpoŝto
/\  ascii ribbon campaign - against html e-mail
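
An added example, not part of the original thread: a small audit for the *.desktop point quoted above. It lists launchers under a directory that have no "x" bit, or whose Exec line hands a non-executable file to another program. The function names and the two heuristics are assumptions made for illustration.

```python
import os
import shlex
import tempfile

def exec_line(path):
    """Return the Exec= value of the [Desktop Entry] group, or None."""
    in_entry = False
    with open(path, encoding="utf-8", errors="replace") as fh:
        for raw in fh:
            line = raw.strip()
            if line.startswith("["):
                in_entry = line == "[Desktop Entry]"
            elif in_entry and "=" in line:
                key, value = line.split("=", 1)
                if key.strip() == "Exec":
                    return value.strip()
    return None

def has_x(path):
    """True if any execute bit (user, group or other) is set."""
    return bool(os.stat(path).st_mode & 0o111)

def audit_launchers(root):
    """List (launcher, Exec command, reasons) for launchers worth a manual look."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(f for f in files if f.endswith(".desktop")):
            path = os.path.join(dirpath, name)
            cmd = exec_line(path) if os.path.isfile(path) else None
            if cmd is None:
                continue
            reasons = []
            if not has_x(path):
                reasons.append("launcher has no x bit")
            try:
                argv = shlex.split(cmd)
            except ValueError:  # unbalanced quotes in the Exec value
                argv = []
            # Heuristic (assumption): a program is handed a file that has no x bit.
            if any(os.path.isabs(a) and os.path.isfile(a) and not has_x(a) for a in argv[1:]):
                reasons.append("Exec passes a non-executable file to a program")
            if reasons:
                findings.append((path, cmd, reasons))
    return findings

if __name__ == "__main__":
    # Constructed sample: one launcher without the x bit, in a temp directory.
    with tempfile.TemporaryDirectory() as d:
        sample = os.path.join(d, "demo.desktop")
        with open(sample, "w") as fh:
            fh.write("[Desktop Entry]\nType=Application\nName=Demo\nExec=echo hello\n")
        os.chmod(sample, 0o644)
        for path, cmd, reasons in audit_launchers(d):
            print(path, "|", cmd, "|", "; ".join(reasons))
```

Run it against a user's desktop and application directories; the second reason is only a hint, since it also matches a launcher that opens an ordinary document.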

