| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: Friendly and secure desktop operating system On Tue, 14 Oct 2003 04:28:38 +0300, Timo Sirainen said: > I'd want a system where I can run any software I want and reasonably > expect that it can't do any harm besides consuming CPU and memory. Also "any software I want" and "reasonably expect" are probably hard to achieve at the same time. You get to either sandbox, or use things like SELinux and chroot/jail to restrict them, or solve the Turing Halting Problem (as doing a perfect job of detecting malware is an equivalent problem). > classifying software simply to "trusted" and "untrusted" isn't enough. I > don't want my "trusted" web browser accessing files in my home directory > (due to security holes in it) unless I specifically tell it to upload or > download them. About the only way to do this is to use an OpenSSH-style privsep, where the main browser runs in ONE compartment, and file up/downloads are handled via a temp directory/whatever and a separate entity that copies the stuff from temp to home. And even then you can't do a good job of keeping the main browser from lying to the helper if the main browser is subverted.... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031013/1ab7ddbf/attachment.bin
Powered by blists - more mailing lists