Dailydave mailing list archives
Re: So, the security industry has given up on the principles of least privilege and separation?
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sat, 14 Feb 2009 21:04:28 +0100
That made me snort into my breakfast cereals, I can tell you. Has the entire security industry abandoned all hope of using the principle of least privilege and limited user accounts, or just him?
Secunia is talking about reality, not hopes and dreams. In reality, the industry came up with three specific options: 1) "Limited" user accounts - which does not really add an appreciable value in this context: "hey, so, your bank account is owned and mail stolen, and your user account backdoored, but at least you *maybe* do not have to scrape the entire box (no promises!)". 2) Sandboxed / ACLed processes - which is slightly better, but still pretty sucky when dealing with complex, monolithic software: "yo dude, so we restricted your mail client only to do the things it is supposed to do, that is, reading and writing local files, communicating with the network and changing network settings, and of course sending your passwords and reading back your mail; you happy now?". 3) Invisible unicorns - that is, proposals to rework all software to compartmentalize privileges, then ensure robust cross-component control flow supervision and policing. Yeah, great, but also extremely unlikely to be feasible in most contexts, unless you also find out a method to convince software vendors to follow your vision and foot the bill for significant overhead. So I'm not sure what makes Secunia statement outrageous, or what specific, feasible hopes we decided to give up on? /mz _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- So, the security industry has given up on the principles of least privilege and separation? Dave Korn (Feb 14)
- Re: So, the security industry has given up on the principles of least privilege and separation? Michal Zalewski (Feb 16)
- Re: So, the security industry has given up on the principles of least privilege and separation? Joanna Rutkowska (Feb 16)
- Re: So, the security industry has given up on the principles of least privilege and separation? Andre Gironda (Feb 16)
- Re: So, the security industry has given up on the principles of least privilege and separation? Michal Zalewski (Feb 17)