| 1 |
Joshua Brindle wrote: |
| 2 |
> pageexec@××××××××.hu wrote: |
| 3 |
>> is there any particular reason you're avoiding answering my (Andrea's, |
| 4 |
>> for that matter) requests for specific attack examples? |
| 5 |
>> it's my observation that you as well as many other selinux advocates |
| 6 |
>> often try to stay at some superficial theoretical level of 'attacks' |
| 7 |
>> as if that meant anything in the real world. it means nothing, so |
| 8 |
>> please try get down from that 'high horse' and answer the questions. |
| 9 |
|
| 10 |
Forgive my telling a short, true story here. Back in 1989, Steve Bellovin |
| 11 |
wrote a paper called "Security Problems in the TCP/IP Protocol Suite." It |
| 12 |
detailed a theoretical attack based on sequence number guessing. In 1994, |
| 13 |
Kevin Mitnik used sequence guessing attacks against Tsutomu Shimomura's |
| 14 |
network, in an attack that seemed pretty new... an act that ultimately led |
| 15 |
to Mitnik's capture and imprisonment. In '89, Bellovin's paper didn't get |
| 16 |
a lot of long-term attention because it seemed to be talking about some |
| 17 |
wild, theoretical problem that nobody would ever be able to actually exploit. |
| 18 |
|
| 19 |
So, what's the point of this story? You really shouldn't need a specific |
| 20 |
attack example to think about the security implications of software. |
| 21 |
Instead, you need to have a good theoretical base from which to make |
| 22 |
decisions, and balance those decisions with practical knowledge and |
| 23 |
understanding because all security decisions are ultimately based on an |
| 24 |
assessment of what the risks are and a decision to mitigate or accept the |
| 25 |
remaining risk. |
| 26 |
|
| 27 |
This isn't coming from a high horse. This discussion appears to be a |
| 28 |
question of competing priorities (functionality versus assurance) in trying |
| 29 |
to ensure that a product continues to meet an extremely high standard for |
| 30 |
quality. |
| 31 |
|
| 32 |
-Bill |
| 33 |
-- |
| 34 |
William Yang |
| 35 |
wyang@××××.net |
| 36 |
-- |
| 37 |
gentoo-security@g.o mailing list |
Archives