[Freedombox-discuss] PHP is not the problem, security is!

Rick graham.rick at gmail.com
Mon Jul 16 13:43:52 UTC 2012


On Mon, Jul 16, 2012 at 8:23 AM, Rob van der Hoeven <robvanderhoeven at ziggo.nl> wrote:

> Yesterday Nick Daly started a discussion about PHP alternatives. PHP is
> crap, and has a very bad security reputation. Should we use programs
> that are written in PHP for the FreedomBox?
>
> I fully agree that we should try to avoid using PHP, but I also think
> that this alone does not solve a very basic problem that the FreedomBox
> community MUST solve.
>
> The problem is that we should not trust *any* program that runs on the
> FreedomBox, regardless of programming language or reputation of its
> programmers. You don't get security by trusting the programs you run.
> Every program contains bugs, every program can be hacked. The security
> architecture of the FreedomBox must be designed with this worst-case
> scenario in mind. Hacked programs should not have the capability to take
> over the FreedomBox, or be able to expose private documents of its user.
>
> An out-of-the-box Debian install only has the normal Unix file system
> security enabled. This type of security is designed to isolate (pseudo)
> users and not programs. A program running under account A can access all
> data from user A (and much more because most of the files have read
> access in the other-category). This makes your web-browser the most
> dangerous program to use. It can be hacked from outside your home, and
> once compromised it has access to every document you made (even your
> private SSH keys in ~/.ssh). Exploits for web-browsers are very popular
> with governments and 3-character agencies as the following article
> shows:
>
>
Sounds like a job for selinux.

-- 
"*A child is a person who can't understand why someone would give away a
perfectly good kitten.*"
-- Doug Larson
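
The point made in the quoted message, that standard Unix file permissions separate accounts rather than programs, shown as an added example (not part of the original thread). The helper names, the constructed home directory and the second uid are assumptions for illustration; directory search bits, ACLs and MAC policy are deliberately left out.

```python
import os
import stat
import tempfile

def dac_allows_read(mode, file_uid, file_gid, uid, gids):
    """Classic Unix DAC read decision: exactly one permission class applies."""
    if uid == 0:
        return True                              # root bypasses DAC read checks
    if uid == file_uid:
        return bool(mode & stat.S_IRUSR)         # owner class
    if file_gid in gids:
        return bool(mode & stat.S_IRGRP)         # group class
    return bool(mode & stat.S_IROTH)             # everyone else

def readable_files(root, uid, gids=()):
    """Relative paths of regular files under root that (uid, gids) may read.
    Simplification: directory search bits, ACLs and MAC policy are ignored."""
    found = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and dac_allows_read(
                    st.st_mode, st.st_uid, st.st_gid, uid, gids):
                found.append(os.path.relpath(path, root))
    return sorted(found)

def demo():
    """Build a constructed home directory and compare two viewpoints."""
    with tempfile.TemporaryDirectory() as home:
        os.mkdir(os.path.join(home, ".ssh"), 0o700)
        for rel, mode in ((".ssh/id_rsa", 0o600), ("notes.txt", 0o644)):
            path = os.path.join(home, rel)
            with open(path, "w") as fh:
                fh.write("constructed sample data\n")
            os.chmod(path, mode)
        owner = os.lstat(os.path.join(home, "notes.txt")).st_uid
        # Any program running as the owner: browser, mail client, web app...
        same_account = readable_files(home, owner)
        # A different, unprivileged account with no shared groups (hypothetical uid).
        other_account = readable_files(home, owner + 1)
    return same_account, other_account

if __name__ == "__main__":
    same, other = demo()
    print("any process under the owning account can read:", same)
    print("a different account can read:", other)
```

The decision takes only the uid and groups as input, never the identity of the program, which is the gap a per-program policy layer such as SELinux is meant to close.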