Destroying "only" your home directory (was Re: Newbie question on permissions)
Michael V. De Palatis
mdepalatis at mail.utexas.edu
Sun Apr 2 07:07:25 UTC 2006
On Sat, Apr 01, 2006 at 09:07:57PM -0600, Matthew R. Dempsky wrote:
> On the servers I administer, almost every service runs as its own
> dedicated user with the bare minimum necessary permissions.
>
> However, it's not practical to do similarly as a regular user on my
> laptop, for example, how do I run mplayer such that I can safely watch
> any movie I download online? There have been exploits in mplayer
> before[1], who's to say they won't happen again?
Well, now you're getting into the nothing is ever completely secure
issue. It would be great if there was an easy, convenient way to do
this, but in the end, if you don't want to have another user with even
lower permissions and switch to that user in order to try things
first, you're either going to have to risk things or not.
Luckily, exploits in programs like mplayer are fairly rare, though, so
the inconvenience of having a separate user is relatively unnecessary.
Mike
More information about the ubuntu-users
mailing list