← Back to team overview

ubuntu-phone team mailing list archive

  1. ubuntu-phone team
  2. Mailing list archive
  3. Message #23671

Re: Is ubuntu phone resistant to vault 7 attacks?

  Thread PreviousDate PreviousThread Next 
hi,
Am Samstag, den 11.03.2017, 12:10 +0100 schrieb Matthias Apitz:
> El día Saturday, March 11, 2017 a las 11:52:22AM +0100, Oliver
> Grawert escribió:
> 
> > 
> > > 
> > > > 
> > > > > 
> > > > > tcp        0      0 0.0.0.0:22              0.0.0.0:* LISTEN
> > > > > tcp        0      0 0.0.0.0:8888            0.0.0.0:* LISTEN
> > > > > tcp6       0      0 :::22                   :::* LISTEN
> > > > > 
> > > > > 
> > ...
> > > 
> > > > 
> > > > > 
> > > > >  That's why I requested some kind of firewall
> > > rules to limit access to such ports based on source IP addr, for
> > > example.
> > just limit the client ip range in the sshd conf ...
> This is in a read only file system.
> 

phablet@ubuntu-phablet:~$ mount |grep /etc/ssh
/dev/sda44 on /etc/ssh type ext4
(rw,relatime,discard,nodelalloc,data=journal)

/etc/ssh is writable by default since you need to generate the host
keys on first boot (else all host keys out there would be the same for
all phones)... 

ciao
	oli

Attachment: signature.asc
Description: This is a digitally signed message part

Follow ups

References

  Thread PreviousDate PreviousThread Next