Dailydave mailing list archives
Re: Media Excitement!
From: pageexec () freemail hu
Date: Wed, 27 Apr 2005 02:32:18 +0100
On 24 Apr 2005 at 21:48, robert () dyadsecurity com wrote:
> The rest of your post will be more meaningful to answer once you spend more time with a working implementation.
assume that i have. can you now answer in a 'more meaningful' manner? just to recap what i expect answers for:

1. you said that (some) OSs listed on the CC portal provided intrusion prevention technologies like PaX/grsec/etc but didn't elaborate.
2. you said that "the inherent ability to limit intrusion should be designed into the TCB, not bolted on afterwards". anything you add to linux is by definition 'bolted on', so how do you reconcile that with say SELinux?
3. if evaluated products (or just OSs for our discussion) have all had (security) patches, then how are they supposed to be better than patching non-evaluated systems?
4. you said about SELinux that "It's a pain in the ass to learn because it'll take you a couple of weeks just to understand the concepts if you're new to them" but on the other hand you said that "I would argue that discretion in the hands of the novice is more complicated than using a MAC/DTE machine for pre-agreed usage" - how do you reconcile this contradiction? certainly it doesn't take weeks to understand the UNIX DAC system.
5. you said that "Once the running instance of the web browser is compromised, the exploit is only capable of doing things from the context of the browser application". now, what does that really mean? what kind of assurance does it give?

on a side note, have you heard of kernel bugs? has any of them been exploitable "from the context of the browser application"?