Secure Coding mailing list archives
Re: Opinion re an interesting article on Linux security in Linux Journal
From: Martin Stricker <shugal () gmx de>
Date: Thu, 11 Mar 2004 14:45:19 +0000
Bill Cheswick wrote:
One of the things I'd like to see in Linux and Windows is better sandboxing of user-level programs, like Outlook and the browsers. There have been a number of approaches proposed over the years, and numerous papers, but haven't seen anything useful deployed widely on any of these platforms.
With the introduction of the Linux Security Module into the official Linux kernel the first step has been done. Things like SELinux http://www.nsa.gov/selinux/ already use it to restrict user possibilities on the kernel level. Server applications can also use LSMs features to become more secure (sorry, no example yet). Best regards, Martin Stricker -- Homepage: http://www.martin-stricker.de/ Linux Migration Project: http://www.linux-migration.org/ Red Hat Linux 9 for low memory: http://www.rule-project.org/ Registered Linux user #210635: http://counter.li.org/
Current thread:
- Re: Opinion re an interesting article on Linux security in Linux Journal, (continued)
- Re: Opinion re an interesting article on Linux security in Linux Journal Bill Cheswick (Mar 10)
- Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 10)
- Re: Application Sandboxing, communication limiting, etc. ljknews (Mar 10)
- Re: Re: Application Sandboxing, communication limiting, etc. Jose Nazario (Mar 10)
- Re: Re: Application Sandboxing, communication limiting, etc. Crispin Cowan (Mar 13)
- Re: Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 16)
- Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 10)
- Re: Re: Application Sandboxing, communication limiting, etc. Crispin Cowan (Mar 14)
- Re: Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 16)
- Re: Re: Application Sandboxing, communication limiting, etc. Crispin Cowan (Mar 16)
- Re: Comparison of SubDomain, SELinux and systrace Jared W. Robinson (Mar 16)
- Re: Opinion re an interesting article on Linux security in Linux Journal Bill Cheswick (Mar 10)