solarian Posted September 23, 2005 Report Share Posted September 23, 2005 (edited) Hello! With the recent influx of Firefox exploits, which affect Linux too, I want to give a little tip which solves (I think) most of these problems. Yes, I know that without root access they can do nothing to your system files, but how about all those user documents, mp3, etc? ;) And as GNU/Linux becomes more popular, more people will try to write viruses and trojans for it. Basically my advice is really simple, but it might come in handy for those new to Linux and Mandriva. In order to secure our net browsing we can use one of the strong sides of Linux, i.e., user level access. Running internet browser as a special user which doesn't have access to other user and system files. I'm going to describe here how to do it through MCC, those who know how to do it through terminal have probably done this already. 1. Go to a terminal (konsole, Eterm, etc), type su, then your root password, then type mcc (if you are using KDE you can launch applications by alt+F2). 2. Click on System -> Add, remove or change users of the system 3. Click Add User and fill out the form. I'm going to call the new user: net_crawler. You do as you please. 4. Tick the Create Home Directory too. This is from where we are going to store ~tmp files, and so on. It will create a directory /home/net_crawler 5. (Now that we have created our special user, let's make our own user to be able to access (read/write) all special user files.) From a terminal window as root type chmod 775 /home/net_crawler/ This allows the user group to do anything with the files. 6. Then type chgrp username /home/net_crawler/ where username is your main user. With the chngrp command the group ownership is changed to your main user, and because we chmoded the dir to 775, the group, i.e., username, can do anything with the special user (net_crawler) files. Now you can read/write all net_crawler files, but it can't touch your files. That goes for all nasty things it can get from the net too. The worst thing that can happen (in theory) is that malicious code can delete net_crawler, but nothing more severe. 7. Now just launch your favourite browser as the newly created user. From any terminal: su net_crawler then mozilla-firefox, opera or whatever browser you prefer. I'm sure that this tip can be improved greatly, so I urge the more knowledgeable users to do so. p.s. This is my first thread in the tips and tricks, so please be merciful. :D I'm using Linux for about 1.5 years or so, so I'm a bit of a newbie too. Edited September 23, 2005 by solarian Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.