On Gwe, 2004-09-03 at 21:05, Kristian SÃrensen wrote:Just as Christop Hellwig's suggestion (in this thread) this will not work due to the placement of the LSM hooks :-) (he suggested making an "mount -o bind").
If an email client receives an malformed email (like the countless attacks on outlook), a simple restriction could be for the process handeling the mail would be "$HOME/.addressbook", furthermore, you could specify that attachments executed _from_ the emailprogram would not have access to the network. Thus the virus cannot find mail addresses to send itself to - and it cannot even get network access. Simple and effective.
ln /tmp/bwhahaha $HOME/.addressbook
more /tmp/bwhahaha
As the nice man from the NSA said ;) label content not paths. Use xattrs
to say "this is an addressbook" and then the path games go away.