Re: Re: Dailydave Digest, Vol 23, Issue 15

[robert () dyadsecurity com]

tobaccofarm(phaceton () gmail com)@Tue, Apr 26, 2005 at 08:00:44AM +0200:
> "If she went to the wrong website that wanted to exploit her browser,
> it would only be able to do things from the security context you
> allowed for her browser."
>
> And there's no buffer overflow posssibility? SElinux doesn't protect
> against all sorts of buffer overflows?

In the example I was assuming an exploit such as that did occur.  Once
the running instance of the web browser is compromised, the exploit is
only capable of doing things from the context of the browser
application.

In the example I wasn't concerned with stopping the buffer overflow.  I
was concerned about being able to limit the damage of the exploitation.

Robert

-- 
Robert E. Lee
CEO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert () dyadsecurity com
M - (949) 394-2033
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave