Create a Safe daemon against malicious scrips
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
One Hundred Papercuts |
Invalid
|
Undecided
|
Unassigned | ||
Ubuntu |
Invalid
|
Wishlist
|
Unassigned |
Bug Description
Due to this serious report
http://
that show the possibility to compromise the system; I suggest to create a sort of safe daemon that check the system against a list of malicious commands (es. sudo rm -fR / or sudo rm -fR $HOME) and their script variables (ruby, perl, etc..).
This is a very dangerous situation because from the report I can install a screensaver from gnome-look.org and compromise my system; as soon as the variety of "external" software repository will grow (es. gnome-look, kde-look, android market and, perhaps, Ubuntu software center) as well as the linux/ubuntu users, the risk to be attacked will be very high.
To limit the possibility of malaware and/or malicious commands on the system I suggest to create a Safe daemon.
visibility: | private → public |
Thank you for bringing this bug to our attention. However, a paper cut should be a small usability issue, in the default Ubuntu install, that affects many people and is quick and easy to fix. So this bug can't be addressed as part of this project.
- Though this needs to be addressed , Writing a new daemon is not a papercut task. /wiki.ubuntu. com/PaperCut.
For further information about papercuts criteria, please read https:/
Don't worry though, this bug has been marked as "Invalid" only in the papercuts project.