Results 1 to 10 of 39

Thread: Linux Desktop Security Could Be A Whole Lot Better

Hybrid View

  1. #1
    Join Date
    Jan 2007
    Posts
    15,120

    Default Linux Desktop Security Could Be A Whole Lot Better

    Phoronix: Linux Desktop Security Could Be A Whole Lot Better

    The security researcher that uncovered a host of X.Org security issues went beyond just evaluating the X.Org libraries and looked at other Linux desktop packages too. There's many security-related bugs outstanding within the Linux desktop ecosystem and Ilja van Sprundel believes "things could be better by several orders of magnitude."..

    http://www.phoronix.com/vr.php?view=MTM3ODA

  2. #2
    Join Date
    Nov 2011
    Posts
    353

    Default

    the consolekit security problem related to the lack of the revoke() syscall is still there right.

  3. #3
    Join Date
    May 2010
    Posts
    684

    Default

    Quote Originally Posted by garegin View Post
    the consolekit security problem related to the lack of the revoke() syscall is still there right.
    consolekit has been unmaintained for a while anyway, doesn't suprise me that it has security holes. Distros should switch to systemd/logind

  4. #4
    Join Date
    Aug 2012
    Location
    Pennsylvania, United States
    Posts
    1,911

    Default

    Quote Originally Posted by garegin View Post
    the consolekit security problem related to the lack of the revoke() syscall is still there right.
    Consolekit was depreciated for logind, which is a part of the systemd suite.

    For the record, Policykit was also abandoned, it was forked into Polkit by the same developers. It was forked because they wanted to break and couldnt do it with PolicyKit, so they just made a new project and told everyone to migrate at their convenience.

  5. #5
    Join Date
    Nov 2011
    Posts
    353

    Default

    so for all intents and purposes, modern distros don't have that problem i'm talking about? how was it fixed without having the revoke() call?
    this is the video where the problem is described

    http://www.youtube.com/watch?v=ZTdUm...layer_embedded

  6. #6
    Join Date
    Aug 2012
    Location
    Pennsylvania, United States
    Posts
    1,911

    Default

    Quote Originally Posted by garegin View Post
    so for all intents and purposes, modern distros don't have that problem i'm talking about? how was it fixed without having the revoke() call?
    this is the video where the problem is described

    http://www.youtube.com/watch?v=ZTdUm...layer_embedded
    Post a message to Lennart's blog or the systemd-devel mailing list and ask them if it was worked around or if they dont hit that problem. Its very possible 1) That problem was inherit to consolekit's design, 2) a non-issue by logind's design 3) worked around in logind 4) Still ongoing.

    The point we were trying to make was: Consolekit will NEVER get fixed in that regard, because its a dead project.

  7. #7
    Join Date
    Jan 2010
    Location
    Ghent
    Posts
    216

    Default

    Quote Originally Posted by BO$$ View Post
    Again people, linux is invulnerable. That guy is probably a Microsoft paid evil monster paid to divide and conquer us! But we shall not fall for the faith is strong in us! Linux cannot be broken! Do not listen to this Judas!
    I know it was meant as sarcasm, but in fact it points to a real problem. One should be thankful about people pointing out flaws, but the natural reaction is often to try to deny them or to "shoot the messenger". There is a big difference between FUD and real security warnings, but for the casual observer it can be difficult to distinguish the two.

  8. #8
    Join Date
    Oct 2009
    Posts
    2,122

    Default

    Quote Originally Posted by BO$$ View Post
    Again people, linux is invulnerable. That guy is probably a Microsoft paid evil monster paid to divide and conquer us! But we shall not fall for the faith is strong in us! Linux cannot be broken! Do not listen to this Judas!
    Where *do* trolls come from? Is it a genetic mutation? Or do you need to have trolls for parents?

    Just imagine how many vulnerabilities microscrap has that are hidden and unknown to the general public. These published vulnerabilities can (and will) be *fixed*. Unpublished flaws in binary crap *can't*.

    Good luck with your microscrap.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •