lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080806150054.GC14109@mit.edu>
Date:	Wed, 6 Aug 2008 11:00:54 -0400
From:	Theodore Tso <tytso@....EDU>
To:	tvrtko.ursulin@...hos.com
Cc:	Adrian Bunk <bunk@...nel.org>,
	Arjan van de Ven <arjan@...radead.org>,
	Greg KH <greg@...ah.com>,
	"Press, Jonathan" <Jonathan.Press@...com>,
	linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	malware-list@...ts.printk.net
Subject: Re: [malware-list] [RFC 0/5] [TALPA] Intro to a
	linuxinterfaceforon access scanning

On Wed, Aug 06, 2008 at 12:07:57PM +0100, tvrtko.ursulin@...hos.com wrote:
> > - Some set of requirements suddenly appears out of the void on 
> >   linux-kernel.
> 
> Because previously it was said to go away and come back with a clear list 
> of requirements. And here you make it sound like a negative thing. See 
> what I am talking about?

The list of requirements you came up with was a very low-level set of
requirements.  This is why Al Viro called it not much better than we
want a bunch of hooks here, here, and here.

What is needed is the high-level set of requirements --- which in the
case of security fixes, really needs to start with a threat model (or
threat models).  See my previous message, where I tried to help you
guys out on this.  There are scenarios such as "The Linux Desktop",
where the Clueless User may be tricked to run random binaries.  Then
there is the "The Linux Fileserver", where users may upload malware
via CIFS, NFS, et. al, but there aren't any Clueless Users to start
the malware running on said Linux Fileserver, etc.  When you do threat
analysis you need to know whether the malware is likely to have
compromised root (superuser) access or not.   Etc.

Low-level requirements are things like "this code must take the
number, multiply by it 7, and add 42".  High-level requirements answer
the question, why the heck are you trying to do this in the first
place?!?

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ