Date: Thu, 12 Jun 2008 16:20:10 +0100 From: Frank Shute <frank@shute.org.uk> To: David Naylor <naylor.b.david@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD and User Security Message-ID: <20080612152010.GA7182@melon.esperance-linux.co.uk> In-Reply-To: <200806112225.36221.naylor.b.david@gmail.com> References: <200806112225.36221.naylor.b.david@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 11, 2008 at 10:25:32PM +0200, David Naylor wrote: > > Hi All, > > Today I read an article describing how my government had lost ZAR200 000 000 > from fraud. This is just under $25 000 000. The article credited this loss > largely due to the use of spyware. > > My question is how secure is FreeBSD (including KDE, GNOME and XFCE) to > attacks, including cracking and spyware. In addition, is there anyway to > prevent a user from executing a program that is not owned by root (i.e. any > program installed by the user), this would prevent spyware being installed > (assuming root has been properly locked down) and subsequently run. > > If anyone, in addition, has answers for Linux and *BSD it would be great to > know as well. You might want to have a look at using a restricted shell for users. I know bash & pdksh have a restricted mode. A quick look at the manpages for sh & csh suggests they don't. Bash and pdksh are in ports. Can't tell you which is best as I haven't used either in restricted mode. > > Best Regards > > David Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080612152010.GA7182>