On 3/13/08, L. Rahyen <research at science.su> wrote: > Separate user is enough if you don't have world writable files in your > system. No, because the malware could root your Linux system using a local priv escalation exploit. You really want a totally isolated sandbox. - Dan