1 |
On 26 Apr 2006 at 10:01, Joshua Brindle wrote: |
2 |
> This is no flamewar. The model is broken by my standards. It bypasses |
3 |
> built-in DAC and capabilities in the kernel making it the single attack |
4 |
> vector to gain all access on the system. Compare to grsecurity, rsbac, |
5 |
> selinux which do not bypass kernel access control or escalate privileges. |
6 |
|
7 |
it'd help the discussion/review (which is what Andrea asked for) if |
8 |
you/others were more precise and cited specific attacks. generic hand- |
9 |
waving of 'this is broken' doesn't help it. this is not to say that |
10 |
i disagree with your opinion (fwiw, you and spender are on the same |
11 |
side for once ;-). |
12 |
|
13 |
> http://securityblog.org/brindle/2006/03/25/security-anti-pattern-status-quo-encapsulation/ |
14 |
> http://securityblog.org/brindle/2006/04/19/security-anti-pattern-path-based-access-control/ |
15 |
|
16 |
it's funny that you mention these as i just came across them and was |
17 |
going to post a rebuttal to many of your claims. do you want them here |
18 |
on the list or on the blog (it will probably take a few days until i |
19 |
have enough free time though)? |
20 |
|
21 |
-- |
22 |
gentoo-hardened@g.o mailing list |