On Mon, Jul 16, 2012 at 8:23 AM, Rob van der Hoeven < [email protected]> wrote:
> Yesterday Nick Daly started a discussion about PHP alternatives. PHP is
> crap, and has a very bad security reputation. Should we use programs
> that are written in PHP for the FreedomBox?
>
> I fully agree that we should try to avoid using PHP, but I also think
> that this alone does not solve a very basic problem that the FreedomBox
> community MUST solve.
>
> The problem is that we should not trust *any* program that runs on the
> FreedomBox, regardless of programming language or reputation of its
> programmers. You don't get security by trusting the programs you run.
> Every program contains bugs, every program can be hacked. The security
> architecture of the FreedomBox must be designed with this worst-case
> scenario in mind. Hacked programs should not have the capability to take
> over the FreedomBox, or be able to expose private documents of its user.
>
> An out-of-the-box Debian install only has the normal Unix file system
> security enabled. This type of security is designed to isolate (pseudo)
> users and not programs. A program running under account A can access all
> data from user A (and much more because most of the files have read
> access in the other-category). This makes your web-browser the most
> dangerous program to use. It can be hacked from outside your home, and
> once compromised it has access to every document you made (even your
> private SSH keys in ~/.ssh). Exploits for web-browsers are very popular
> with governments and 3-character agencies as the following article
> shows:
>

Sounds like a job for selinux.

--
"*A child is a person who can't understand why someone would give away a perfectly good kitten.*" -- Doug Larson
_______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
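An added illustration, not part of the original thread, of the quoted point that plain Unix file permissions separate users rather than programs: it reads the mode bits of every file in a constructed sample home directory and reports whether any program running under the owner's account, and whether other users, may read it. The function names, the sample layout and the decision to ignore directory search bits and ACLs are assumptions made for this example.

```python
import os
import stat
import tempfile


def audit_tree(root):
    """Classify regular files under root by their Unix permission bits.

    Returns {relative_path: (owner_programs_can_read, other_users_can_read)}.
    Only each file's own mode bits are checked; directory search bits and
    ACLs are ignored (simplifying assumption for this example).
    """
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, devices
            rel = os.path.relpath(path, root)
            report[rel] = (bool(st.st_mode & stat.S_IRUSR),
                           bool(st.st_mode & stat.S_IROTH))
    return report


def build_sample_home():
    """Constructed sample: a fake home directory with typical modes."""
    home = tempfile.mkdtemp(prefix="fake_home_")
    layout = {
        os.path.join(".ssh", "id_rsa"): 0o600,  # private key, owner only
        "notes.txt": 0o644,                     # readable by everyone
    }
    for rel, mode in layout.items():
        path = os.path.join(home, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(path, mode)  # set explicitly so the umask does not matter
    return home


if __name__ == "__main__":
    for rel, (owner, other) in sorted(audit_tree(build_sample_home()).items()):
        print(f"{rel:15} owner-uid programs: {owner}  other users: {other}")
```

Even the 0600 key is readable by every process that runs under the owner's uid, which is the gap a per-program mandatory access control policy is meant to close.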
