From kde-devel Tue Dec 27 16:15:03 2005 From: Dave Feustel Date: Tue, 27 Dec 2005 16:15:03 +0000 To: kde-devel Subject: Re: One Way to Increase KDE security Message-Id: <200512271115.03994.dfeustel () mindspring ! com> X-MARC-Message: https://marc.info/?l=kde-devel&m=113570013217992 On Tuesday 27 December 2005 10:21, Kevin Krammer wrote: > On Tuesday 27 December 2005 14:35, Dave Feustel wrote: > > On Tuesday 27 December 2005 06:19, David Faure wrote: > > > On Tuesday 27 December 2005 03:05, Dave Feustel wrote: > > > > Delete all kde/Xorg sockets in /tmp everytime KDE exits. > > > > > > Can you please stop making up facts about "security" every day on this > > > list? It wouldn't be so annoying if it actually made sense... I didn't make up a fact. I reported a technique I have tried for improving security which seems to work for me in practice, regardless of whether it makes any sense. YMMV of course. > > I didn't make this up. I have seen (network) sockets created that had no > > I think David meant that "deleting unused sockets increases security" is made I do not see the word "unused" in my original text. It's important to quote accurately. Maybe I didn't express my thought clearly. > up, because a socket which no one uses is obviously not a security threat. It's a threat whether it's used or not. It becomes an exploit when it is actually used. I know practically nothing about KDE and Xorg internals, but cleaning up sockets, files and processes seems to have, for the moment, eliminated 'spontaneous' changes to permissions of files of which I am owner. My counter-intrusion program is the result of experiment, not theory, but so far it seems to be working. -- Lose, v., experience a loss, get rid of, "lose the weight" Loose, adj., not tight, let go, free, "loose clothing" >> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<