SomeLemmyUser@discuss.tchncs.de to Cybersecurity@sh.itjust.works • Pumakit - Sophisticated Linux Rootkit That Persist Even After Reboots • English
3 · 11 days ago
If I'm too noob to understand how to actually
“employ robust application control to block malicious libraries and payloads used in Dynamic Linker. Implement behavior-based endpoint detection to identify and prevent process injection activities.” And “also implement strict access controls, limiting administrative access,”
Because I don’t really know what this means, what should I do?
Is there a step by step guide somewhere?
Thanks for the breakdown. I ofc use a root pwd different from my user PW (with sudo privileges) and often use AppImages, as they don’t require privileges at all to my understanding. I do run a few binaries though, as for example for TeamSpeak or corectl they are the only ones that work for me.
How would I go about restricting the files a program can access? Make a whole new user just for that program, put “run as this user” in the .desktop file and manually set read/write permissions for every single file on the system?
This seems impractical. Is there a best practice guide? Do I need to get into AppArmor and stuff?