| 1 |
On 26 Apr 2006 at 10:01, Joshua Brindle wrote: |
| 2 |
> This is no flamewar. The model is broken by my standards. It bypasses |
| 3 |
> built-in DAC and capabilities in the kernel making it the single attack |
| 4 |
> vector to gain all access on the system. Compare to grsecurity, rsbac, |
| 5 |
> selinux which do not bypass kernel access control or escalate privileges. |
| 6 |
|
| 7 |
it'd help the discussion/review (which is what Andrea asked for) if |
| 8 |
you/others were more precise and cited specific attacks. generic hand- |
| 9 |
waving of 'this is broken' doesn't help it. this is not to say that |
| 10 |
i disagree with your opinion (fwiw, you and spender are on the same |
| 11 |
side for once ;-). |
| 12 |
|
| 13 |
> http://securityblog.org/brindle/2006/03/25/security-anti-pattern-status-quo-encapsulation/ |
| 14 |
> http://securityblog.org/brindle/2006/04/19/security-anti-pattern-path-based-access-control/ |
| 15 |
|
| 16 |
it's funny that you mention these as i just came across them and was |
| 17 |
going to post a rebuttal to many of your claims. do you want them here |
| 18 |
on the list or on the blog (it will probably take a few days until i |
| 19 |
have enough free time though)? |
| 20 |
|
| 21 |
-- |
| 22 |
gentoo-hardened@g.o mailing list |
Archives