Written by kramer65 the 6 Jan 09 at 14:35.

Ubuntu Brainstorm was updated in January 2009. Since the idea #17079 was submitted before this update, its rationale and solution are not separated. Please vote accordingly, and if you have the necessary rights, please separate the rationale from the solution. Thanks!

<i>Ubuntu Brainstorm was updated in January 2009. Since the idea #17079 was submitted before this update, its rationale and solution are not separated. Please vote accordingly, and if you have the necessary rights, please separate the rationale from the solution.</i><br /> Thanks!

Written by pdunn the 20 Jul 09 at 11:05.

I propose that the way to solve this is when one downloads an archive that an option or automatic conversion along with an install take place. Basically when one downloads a piece of software they will be given the option to install it. When they choose this the archive will automatically be packaged as a .deb file and the installed automatically.

I propose that the way to solve this is when one downloads an archive that an option or automatic conversion along with an install take place. Basically when one downloads a piece of software they will be given the option to install it. When they choose this the archive will automatically be packaged as a .deb file and the installed automatically.

Written by inashdeen the 25 Nov 10 at 18:55.

Hence, I suggest that ubuntu used a captcha system, in additional to the default password system used, especially when regarding sensitive filesystem files. A capctha is a simple yet powerful physical firewall that differentiate between a human and non human users, on the other hand, could be given an option to use it or not to use it.

Hence, I suggest that ubuntu used a captcha system, in additional to the default password system used, especially when regarding sensitive filesystem files. A capctha is a simple yet powerful physical firewall that differentiate between a human and non human users, on the other hand, could be given an option to use it or not to use it.

Written by czr114 the 26 Nov 10 at 06:08.

Captchas are a joke. They're annoying, culturally-problematic, and practically useless for hardened purposes. Cybercriminals can subscribe to services using farmed-out human solvers for a few dollars per 1000 solutions. That renders them only partially useful in protecting low-value targets against poorly-coded software. If their goal is deploying bot clients, we can't count on criminal incompetence to save us, and with bank accounts at stake, they're not going to be overly cheap.

Preventing improper automated/invisible access to system files starts with a solid, robust, and secure framework for limiting access permissions by process and purpose. This is where technologies like AppArmor and tripwires come in.

If a user has been fooled by a trojan, and is dead set on sudoing malware, nothing is going to stop it from ravaging the system, short of completely disabling a user's ability to sudo things designed to modify key files for benevolent purposes.

Captchas are a joke. They're annoying, culturally-problematic, and practically useless for hardened purposes. Cybercriminals can subscribe to services using farmed-out human solvers for a few dollars per 1000 solutions. That renders them only partially useful in protecting low-value targets against poorly-coded software. If their goal is deploying bot clients, we can't count on criminal incompetence to save us, and with bank accounts at stake, they're not going to be overly cheap. Preventing improper automated/invisible access to system files starts with a solid, robust, and secure framework for limiting access permissions by process and purpose. This is where technologies like AppArmor and tripwires come in. If a user has been fooled by a trojan, and is dead set on sudoing malware, nothing is going to stop it from ravaging the system, short of completely disabling a user's ability to sudo things designed to modify key files for benevolent purposes.

Written by Lachu the 11 Dec 10 at 21:36.

Use Selinux and modify bash to change current domain, when running command. Only build-in command user could run programs without changing domain. Only programs in the same domain like standard shell could run sudo/su . Bash will change own domain automatically, if it starts in non-interactive mode.

Use Selinux and modify bash to change current domain, when running command. Only build-in command user could run programs without changing domain. Only programs in the same domain like standard shell could run sudo/su . Bash will change own domain automatically, if it starts in non-interactive mode.