Author: HW42 Date: To: tails-dev Subject: Re: [Tails-dev] What to do about I2P in Tails?
Hi,
Jacob wrote: > I disagree in practice - if someone can pop a shell as the Amnesia
> user, they can jump to the i2psvc by using the sudo rule and then
> attacking I2P. That concern seems to point toward a different
> solution. Furthermore, it suggests that an actual I2P user should not
> be so easy to deanonymize. That won't come from the firewall
> protection, I guess.
If someone can run code as the 'amnesia' user your are lost anyway
because he then controls input/output and therefore can do anything the
real user can do.