From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1L55kx-000686-Ej for garchives@archives.gentoo.org; Tue, 25 Nov 2008 21:47:39 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 758DEE06E9; Tue, 25 Nov 2008 21:47:39 +0000 (UTC) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.174]) by pigeon.gentoo.org (Postfix) with ESMTP id 3EFB9E06E9 for ; Tue, 25 Nov 2008 21:47:39 +0000 (UTC) Received: by wf-out-1314.google.com with SMTP id 29so164271wff.10 for ; Tue, 25 Nov 2008 13:47:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=LeoBv79+uUG2YeExyaOTs0BFnPTbdQd1jU8x8Bu8/qg=; b=iTtVlxKKGRa466x3vam04cofesObiyDwoMDtrFhYiiXkjHIoWYPSpP44wt7+Ej44jj BQXyuizaN76z1rQmo9dQdjuTcvcKLHHe1e8pd74wBFTkL5cSy2grGtOkCuEp6EnUzHxo 23NN5+PuASdBo7VaKr70sA5vn+8cgyFvV7ZYo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=XvmO6HfyUFDBjTex2whBUKdBV/dVMw2zTFUMiDWkOHxLqFXZAx4/8FT0tmB5Ooy/aM piMI37KBL2+LGWwp9qnonZcwH35MEo+jYgemM9SrkE7je1BuxH1QzLaNDMK9fBy45iQS PJQ2mzl//DAs2+6quAc8BJDKEcbs+RPYhyyq0= Received: by 10.142.144.16 with SMTP id r16mr2281856wfd.316.1227649657011; Tue, 25 Nov 2008 13:47:37 -0800 (PST) Received: by 10.142.215.15 with HTTP; Tue, 25 Nov 2008 13:47:36 -0800 (PST) Message-ID: <4255c2570811251347m3b5686ex29f81db26bee3aae@mail.gmail.com> Date: Tue, 25 Nov 2008 14:47:36 -0700 From: RB To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] hardened workstation - is that worth it? In-Reply-To: <200811252112.32571.janklodvan@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200811251700.45540.janklodvan@gmail.com> <4255c2570811251158n28f3274ch34e87a1a3f1eacb6@mail.gmail.com> <200811252112.32571.janklodvan@gmail.com> X-Archives-Salt: 29600d94-bddc-423d-910c-d34f8dc4f3a5 X-Archives-Hash: 0c3e9333d199ee292694b7977c6bfbd9 On Tue, Nov 25, 2008 at 14:12, Jan Klod wrote: > On Tuesday 25 November 2008 19:58:42 RB wrote: >> KDE (and to a lesser extent X) pretty much nullifies most application >> isolation efforts you're going to make. > > Well, then I would like to ask your opinion about other available window > managers. Any better solutions in a direction "stupid and safe"? On my part, none. All my hardened boxes are headless servers and my GUI workstations have disposable configurations. Even if stepping away from a window manager and all its associated programs, you still have X and the numerous associated security holes (Javier outlined those well). For keyloggers, X is designed so that any application you allow to connect to it can capture any of your keystrokes. That means that regardless of whether you're running X as user1, google earth as user2, and firefox as user3, both of those applications can pick up all of your keystrokes. Since you're running as separate users, you have already (implicitly or not) allowed those users to freely connect to your X session. Game over. X and window managers used to be much more unfriendly, you had to do things like 'xhost +root@localhost' to allow root to pop up an Nmap GUI. Now, they all handle those things behind the scenes and for the most part get it right for the large majority of users. This is our reality as desktop Linux tries to appeal to a broader audience.