Again, you are mixing possible with practical.
It is possible for
1. A user to disable a variety of security features, including access to his or her account and access to X, and as a result, a key logger would then work across accounts as you suggest, but it does not work "out of the box" without either user intervention (to disable security) or root access (to over ride security).
Code:
bodhi@linux:~$ su user2
Password:
user2@linux:~ eog
(eog:2993): EOG-WARNING **: Service registration failed.
** (eog:2993): WARNING **: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
**
GLib-GIO:ERROR:gdbusconnection.c:2270:initable_init: assertion failed: (connection->initialization_error == NULL)
Aborted (core dumped)
oeg is eye of gnome, an X application for viewing pictures, and as you can see, access to X is disabled. Now I can over ride that with xhost or by running as root, but "out of the box" X security does not allow the kind of access you suggest.
Second, you are talking in theory. In theory, a cracker can exploit a known or unknown application, and thus gain sufficient access to install a key logger.
It is important to understand that No such exploit is currently known
What do you want me to do about potential threats ? My house might get hit by an airplane. The sun might burst in a ball of flames.
In the event of a zero day exploit against firefox, on my box, firefox is confined by apparmor. So if you gain control of firefox, and run arbitrary code, such a try to install, let alone run a key logger, apparmor will stop you.
Unless of course your theoretical exploit can also defeat apparmor.
Your security advice is long in theory and paranoia, but not very good advice to new users. It basically boils down to :
There is no such thing a compete security
with little or no advice on how to actually secure a linux box.
Bookmarks