Casey Schaufler wrote:
--- Joshua Brindle <[email protected]> wrote:
And that is just practical stuff, there are still
problems with
embedding policy into binaries all over the system
in an entirely
non-analyzable way, and this extends to all
capabilities, not just the
open() one.
Your assertion that directly associating
the capabilities with the binary cannot
be analysed is demonstrably incorrect,
reference Common Criteria validation
reports CCEVS-VR-02-0019 and CCEVS-VR-02-0020.
The first system I took through evaluation
(that is, independent 3rd party analysis) stored
security attributes in a file while the second
and third systems attached the attributes
directly (XFS). The 1st evaluation required
5 years, the 2nd 1 year. It is possible that
I just got a lot smarter with age, but I
ascribe a significant amount of the improvement
to the direct association of the attributes
to the file.
Thats great but entirely irrelevant in this context. The patch and caps
in question are not attached to the file via some externally observable
property (eg., xattr) but instead are embedded in the source code so
that it can drop caps at certain points during the execution or before
executing another app, thus unanalyzable.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
