Sebastian G. wrote:
> goarilla wrote:
>
>
>> ok what would you do when some of your stupid users
>> gets a virus?
>
>
> Depends on which systems. Those with higher security margins have a
> global no-exec policy implemented, thus they simply can't anything but
> the preinstalled software, and as long as this is up-to-date an
> in-memory process compromise of the network is extremely unlikely.
>

how does one do that ?
have any concrete information pertaining these security measures ?

> On those with lesser security margin: Delete all programs and
> script-relevant setting, if necessary restore their settings and their
> data from the latest backup.
>
>> well not quite but if you have lots of different pc's with windows
>> it's a lot harder because you have
>> to manage a lot of different images
>
>
> Why are you always coming up with images? A user running malicious
> software only compromises all the programs and the data he had access
> to, which is, beside some necessarily shared data, only his own data. He
> can't damage the data of other user, and neither the system.
>

in a perfect world yes
that's how i do it here
and well it's not uncommon for malware to use local (root) exploits
to escalate privilege

>> and what's the causing of security problems beside the user ?
>
>
> Hardware errors. This is what the restore images are intended for:
> getting the old system running on the new hardware again as soon as
> possible.

huh please explain. do you have some information on how to create
'restore images' since when ... i think image i think hardware specific
root filesystem (windows)