Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Immortal Linux would probably get more installs - a package that prevents common malicious commands from working without first warning you of the consequences.


People would just be more creative; a curl url | sh, that script copies rm from bin to current directory, executes it there etc.

Might help in a few cases, but would lul people into a false sense of security.


Just make it work at the kernel syscall level. Maybe make it so you can have policies where syscalls can only affect some directories.

Maybe we should call it "selinux"


Of course, but that has a reputation as being hard to set up into a configuration that doesn't get in the way.


Ah, yes, and not allowing deleting files or changing permissions and so on would give you security without ever getting in the way. Silly me.


I read that as Immoral Linux and immediately started thinking about what immoral actions the OS could automatically perform.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: