DSL Ideas and Suggestions :: Security - Features, or afterthought?



Quote (clacker @ Jan. 25 2005,14:19)
simple-user, do you think some process (terminal or flua) where the user would need to log into the liveCD each time with a password (whatever they want, could be different every startup)? Then if they want to su or sudo they would need that password?

I kinda like that idea.

At the same time I believe it is the responsibility of the user to deal with passwords.  If a person thinks a passwordless root is unsafe, he has the ability to fix that himself.  Something that simple shouldn't be a cause of worry.

Quote (simple-user @ Jan. 25 2005,11:04)
But be mindful that a rogue MyDSL in current implementation (2005/01) running even from a CD can wipe out entire hard drives in just a few moments the way that DOS/Windoze virii have done. Or it could be worse, it could turn those machines into zombies on the internet.

I would be concerned with that. A person running DSL from liveCD would assume their hard drive is safe. But what if a hacker could get control of the computer without the user noticing? The hard drive could probably be mounted and deleted.

clacker, simple-user:

In response to the question below:

I personally would like to see such a process to allow setting a session-only sudo password, perhaps available thru the dsl library. I can re-master to include at my discretion.

I believe that the live-CD approach offers a huge opportunity to move linux into the mainstream. A DSL based live CD offering the user virtually total security while surfing the net would meet a currently unmet user need.

Such a CD could include virus scanning capability and anonymous surfing capability and Open Office (for email attachments) as well. The key is to make this live CD nearly brain-dead simple to use, so the Windows users (the target market) have a painless introduction to linux while surfing safely on their existing PC.

Any interest in working on this? I am experimenting but am still pretty much a linux newb so progress is slower than I would like.

Thx.

Greg

--------------------------------------------------------------------------------
simple-user, do you think some process (terminal or flua) where the user would need to log into the liveCD each time with a password (whatever they want, could be different every startup)? Then if they want to su or sudo they would need that password?

Quote (roberts @ Jan. 25 2005,18:29)
3. We do not accept custom code in the user contributed extensions.

What exactly does this mean practically?

Quote
Quote (roberts @ Jan. 25 2005,18:29)
3. We do not accept custom code in the user contributed extensions.

What exactly does this mean practically?


My guess would be that this means extensions containing binaries made from (or altered with) contributors' own private, non-publicly testable code should not be submitted, as opposed to binaries compiled from source code that is available and verifiable in the public domain.

PS: I saw somewhere that Debian is in the process of setting up automatic verification of the gpg signatures of .deb packages (perhaps it is already working).
That might be something worth considering one day for dsl extensions.
