From owner-freebsd-questions@FreeBSD.ORG Wed Jun 11 20:55:14 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 986B31065678 for ; Wed, 11 Jun 2008 20:55:14 +0000 (UTC) (envelope-from naylor.b.david@gmail.com) Received: from yw-out-2324.google.com (yw-out-2324.google.com [74.125.46.29]) by mx1.freebsd.org (Postfix) with ESMTP id 3F7178FC0A for ; Wed, 11 Jun 2008 20:55:14 +0000 (UTC) (envelope-from naylor.b.david@gmail.com) Received: by yw-out-2324.google.com with SMTP id 9so1655676ywe.13 for ; Wed, 11 Jun 2008 13:55:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:organization:to:subject :date:user-agent:mime-version:content-type:content-transfer-encoding :message-id; bh=w+1jdXb830B0QAOPHWhSjlpXjHaN4delQW5Nl0KQz1E=; b=DU8J/rc0QNoGtMk5xhyjDmvpPq0JSBza8eqi2Yp/rFXbvaAq7+ZEDIzk5eMdwZk++h X8UcAIyK9QYf41J2GLEBFArKSK86nCE9YOfBlfigTlBnutk2psIgp0SaRf2x1DHcc0Kr lEoCBUFQ8fnLi7qmPVMMzLaqjx117xiDWuYYI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:organization:to:subject:date:user-agent:mime-version :content-type:content-transfer-encoding:message-id; b=ZD3l4p9sMkgL0UZJcDnQ6Y1NmkPGwTCdvARzSvenzsneGVFvSEMpHd1URjraC5xTAt zlzo6mK7okrXb8Mmt+clWRnb/xRmSlGiXFZS23Vy43Hm0S+MQANd55mMrMRv3l7ZxS/2 I0HtwrkT3PFx71y3r//lGg2DV+qe9hTN1cbSA= Received: by 10.150.49.2 with SMTP id w2mr902210ybw.27.1213215967795; Wed, 11 Jun 2008 13:26:07 -0700 (PDT) Received: from ?0.0.0.0? ( [196.34.241.123]) by mx.google.com with ESMTPS id f51sm427080pyh.36.2008.06.11.13.25.49 (version=TLSv1/SSLv3 cipher=RC4-MD5); Wed, 11 Jun 2008 13:26:06 -0700 (PDT) From: David Naylor Organization: Private To: freebsd-questions@freebsd.org Date: Wed, 11 Jun 2008 22:25:32 +0200 User-Agent: KMail/1.9.7 MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1379916.VEKuhq0alM"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200806112225.36221.naylor.b.david@gmail.com> Subject: FreeBSD and User Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Jun 2008 20:55:14 -0000 --nextPart1379916.VEKuhq0alM Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi All, Today I read an article describing how my government had lost ZAR200 000 00= 0=20 from fraud. This is just under $25 000 000. The article credited this los= s=20 largely due to the use of spyware. =20 My question is how secure is FreeBSD (including KDE, GNOME and XFCE) to=20 attacks, including cracking and spyware. In addition, is there anyway to=20 prevent a user from executing a program that is not owned by root (i.e. any= =20 program installed by the user), this would prevent spyware being installed= =20 (assuming root has been properly locked down) and subsequently run. =20 If anyone, in addition, has answers for Linux and *BSD it would be great to= =20 know as well. =20 Best Regards David --nextPart1379916.VEKuhq0alM Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBIUDTAUaaFgP9pFrIRAiIcAJwOmkiXr6lRSB8O9T2CVJdh9Jdk+ACfYPgE kbniC4AeBls4POtZoRsLdHU= =nT4c -----END PGP SIGNATURE----- --nextPart1379916.VEKuhq0alM--