> El 1/09/2014, a las 10:16, Jigzat <insecsite@xxxxxx> escribió: > > I’m no security expert but, is a multi-user system more secure than a > single-user one? how about system wide encryption or at least core components > encryption during installation based on the user password and a usb recovery > mechanism?. > >> El 1/09/2014, a las 10:06, Augustin Cavalier <waddlesplash@xxxxxxxxx >> <mailto:waddlesplash@xxxxxxxxx>> escribió: >> >> On Mon, Sep 1, 2014 at 10:21 AM, Wayne Peter Corwin >> <wayne.peter.corwin@xxxxxxxxxxxxxxxx >> <mailto:wayne.peter.corwin@xxxxxxxxxxxxxxxx>> wrote: >> Well okay, so if we take away the multiuser part, what security work has >> been done? Or do I understand correctly that Haiku per now doesn't offer any >> kind of security? >> >> Not true. We use Coverity for code scanning and fix security issues that >> way, we try hard to stay on the latest OpenSSL (and hopefully soon we'll be >> on LibreSSL), we have DEP and ASLR implemented (for x86(_64) at least), and >> system folders are read-only (you can only change them by mounting >> packages). ATM there is no privilege separation, but implementing that would >> be quite a lot of work and I don't know who has the time for that... >> However, the kernel does support users with passwords (and SSHD can use >> that), it's only the GUI apps that don't do anything with it IIRC. >> >> If you notice any ways that someone can take control of the system without a >> user running an application deliberately, let us know :) >> >> -Augustin >> > Sorry for the top posting, I totally forgot about it.