[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: One Way to Increase KDE security
From:       Dave Feustel <dfeustel () mindspring ! com>
Date:       2005-12-27 16:15:03
Message-ID: 200512271115.03994.dfeustel () mindspring ! com
[Download RAW message or body]

On Tuesday 27 December 2005 10:21, Kevin Krammer wrote:
> On Tuesday 27 December 2005 14:35, Dave Feustel wrote:
> > On Tuesday 27 December 2005 06:19, David Faure wrote:
> > > On Tuesday 27 December 2005 03:05, Dave Feustel wrote:
> > > > Delete all kde/Xorg sockets in /tmp everytime KDE exits.
> > >
> > > Can you please stop making up facts about "security" every day on this
> > > list? It wouldn't be so annoying if it actually made sense...

I didn't make up a fact. I reported a technique I have tried for improving security
which seems to work for me in practice, regardless of whether it makes any
sense. YMMV of course.

> > I didn't make this up. I have seen (network) sockets created that had no
> 
> I think David meant that "deleting unused sockets increases security" is made 

I do not see the word "unused" in my original text. It's important to quote accurately.
Maybe I didn't express my thought clearly.

> up, because a socket which no one uses is obviously not a security threat.

It's a threat whether it's used or not. It becomes an exploit when it is actually used.


I know practically nothing about KDE and Xorg internals, but cleaning up sockets, files
and processes seems to have, for the moment, eliminated 'spontaneous' changes to
permissions of files of which I am owner. My counter-intrusion program is the result
of experiment, not theory, but so far it seems to be working.
-- 
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]