| 1 |
> Complexity matter again... Theoretically.. is it possible to enumerate all the |
| 2 |
> possible scenarios for a file server? (or, I might have wrote - all of its |
| 3 |
> states) Oh, sure, it has finite amount of memory :) |
| 4 |
|
| 5 |
Those firmly on the "Threat modeling" side of the camp say you can. |
| 6 |
The key is limiting your system's scope and using a positive |
| 7 |
(default-deny) security model. It's resource-intensive for the |
| 8 |
implementer on the front end and inflexible, but can work for some |
| 9 |
scenarios. |
| 10 |
|
| 11 |
> I started this as a "flame", but the rest might go out of scope of this list |
| 12 |
> and send me to theoretical computer science. |
| 13 |
|
| 14 |
In spite of my CS degree (and probable pursuit of an advanced degree), |
| 15 |
I don't esteem academia very highly. Theory makes for pretty graphs |
| 16 |
on thesis papers, but real-world application is the only way anything |
| 17 |
will actually be solved. |
| 18 |
|
| 19 |
> Javier Martínez: |
| 20 |
> "control the execution of perl an python (between |
| 21 |
> others) scripts (in the way of perl blablabla.pl, which does not need |
| 22 |
> execution rights). You under this two frameworks you can do it. Can |
| 23 |
> you do this under OpenBSD ;)" |
| 24 |
> |
| 25 |
> Thanks, just you put me on my way, if I really need a reliable system, that I |
| 26 |
> can get NOW AND HERE :) |
| 27 |
|
| 28 |
Yes - good, actionable suggestions. Of course, the threat modeling |
| 29 |
crew makes a good argument that anything beyond a MAC (selinux, RSBAC, |
| 30 |
etc.) is wasted effort. That, of course, assumes you've perfectly |
| 31 |
succeeded in least-privilege. |
Archives