chroot a few apps
sktsee
sktsee at tulsaconnect.com
Sat Jan 9 17:24:00 UTC 2010
On Sat, 2010-01-09 at 10:26 +0100, Vadkan Jozsef wrote:
> Hi.
>
> What kind of chroot should I use, if I want to make a more secured
> desktop, running e.g.:
>
> pdf reader
> webbrowser
> audio player
> video player
> openoffice
> picture viewer
> mua
> ooo
> virtualbox
>
> e.g.: if theres a javascript vulnerability in google chrome [I haven't
> heard a NoScript extension for it :( ] a chroot would be good for
> stopping it from doing something bad with the whole system.
>
> or e.g.: I have to open a .doc file, that I don't trust, or a PDF can
> contain malicious code :(
>
> Any tips/docs/howtos?
>
You may want to investigate Apparmor and/or SELinux to set mandatory
access control security policies for various applications. Apparmor is
already present on default installations of Ubuntu, though only running
in audit mode. Plus, there is a package in universe that contains many
more profiles for commonly used applications that supplement the ones
already installed.
--
sktsee
More information about the ubuntu-users
mailing list