Re: [Tails-dev] What to do about I2P in Tails?

This message is part of the following thread:
M-\the complete thread tree sorted by date
M\MAlan at <-
MMintrigeri at ->
Delete this message

Reply to this message
Author: HW42
Date:  
To: tails-dev
Subject: Re: [Tails-dev] What to do about I2P in Tails?
Hi,

Jacob wrote:
> I disagree in practice - if someone can pop a shell as the Amnesia
> user, they can jump to the i2psvc by using the sudo rule and then
> attacking I2P. That concern seems to point toward a different
> solution. Furthermore, it suggests that an actual I2P user should not
> be so easy to deanonymize. That won't come from the firewall
> protection, I guess.

If someone can run code as the 'amnesia' user your are lost anyway
because he then controls input/output and therefore can do anything the
real user can do.

HW42
This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-[Tails-dev] OpenSSL exploit fixed in TAILS 1.1?Re: [Tails-dev] OpenSSL exploit fixed in TAILS 1.1?->
lists.autistici.org administrated by postmasterLurker (version 2.3)