[CentOS] Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
David McGuffey
davidmcguffey at verizon.netFri Dec 7 02:05:00 UTC 2012
- Previous message: [CentOS] awk awk
- Next message: [CentOS] Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Moat of the advanced persistent threats (APT) are initiated via e-mail. Opening an attachment or clicking on a web link starts the process. Why isn't Firefox and Evolution confined with SELinux policy in a way that APT can't damage the rest of the system? Why are we not sandboxing these two apps with SELinux? I've discovered some guidance for sandboxing Firefox using the 'sandbox' command. Once I test it a bit, I'll post the results back here. Seems to me that if this works, it should be the default. DaveM
- Previous message: [CentOS] awk awk
- Next message: [CentOS] Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list