[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: F-Secure Computer Virus Information Pages: Googkle
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: F-Secure Computer Virus Information Pages: Googkle
- From: steve_(_dot_)_shockley_(_at_)_shockley_(_dot_)_net
- Date: Mon, 9 May 2005 10:16:59 -0400 (EDT)
On Sun, May 8, 2005 11:00 am, Dave Feustel wrote:
> Can the malware at Gookle.com described at the link
> crack OpenBSD and/or Konqueror? (I am far from an expert, so I practice
> 'better safe
> than sorry' when I see f-secure's explicit warnings).
Well, aside from the win32-centric nature of that virus...
You don't browse the web as root, do you? Most Windows security issues
stem from the fact that everyone runs as a local admin all the time.
Since just about all graphical web browesers are complex enough to contain
bugs, and chances are one of those bugs has a security impact, you could
lower your risk by running Konqueror in systrace. I'm not sure how
Konqueror relates to KDE's desktop file browsing, so running a systrace
policy that puts useful restrictions on Konqueror may make KDE unusable.
(Just because all the currently-exploited bugs in websites target IE on
Win32 doesn't mean that running Konqueror on OpenBSD is completely safe.)