Message-ID: <20060824131127.GB7052@elf.ucw.cz>
Date: Thu, 24 Aug 2006 15:11:27 +0200
From: Pavel Machek <pavel@....cz>
To: "Serge E. Hallyn" <sergeh@...ibm.com>
Cc: Mimi Zohar <zohar@...ibm.com>, David Safford <safford@...ibm.com>,
kjhall@...ibm.com, linux-kernel <linux-kernel@...r.kernel.org>,
LSM ML <linux-security-module@...r.kernel.org>,
linux-security-module-owner@...r.kernel.org
Subject: Re: [RFC][PATCH 8/8] SLIM: documentation
Hi!
> > > I hope this answered some of your questions. We're working on
> > > more comprehensive documentation, which we'll post with the next
> > > release.
> >
> > Do you have examples where this security model stops an attack?
> >
> > Both my mail client and my mozilla will be UNTRUSTED (because of
> > network connections, right?) -- so mozilla exploit will still be able
> > to see my mail? Not good. And ssh connects to the net, too, so it will
> > not even protect my ~/.ssh/private_key ?
>
> I believe it will read your private_key while at a higher level, then
> will be demoted when it accesses the net.
>
> Is that right?
Hmm.. you are the security expert here :-). But it still needs the private
key while accessing the net.. so even if it does read from
~/.ssh/private_key, first, what stops mozilla from waiting for
ssh to start talking on the network, and then reading the key from ssh's
memory?
Do you have examples where this security model stops an attack?
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html