Re: Media Excitement!

[pageexec () freemail hu]

On 24 Apr 2005 at 21:48, robert () dyadsecurity com wrote:

> The rest of your post will be more meaningful to answer once you spend
> more time with a working implementation.

assume that i have. can you now answer in a 'more meaningful'
manner? just to recap for what i expect answers:

1. you said that (some) OSs listed on the CC portal provided
   intrusion prevention technologies like PaX/grsec/etc but
   didn't elaborate.

2. you said that "the inherent ability to limit intrusion should
   be designed into the TCB, not bolted on afterwards". anything
   you add to linux is by definition 'bolted on', so how do you
   reconcile that with say SELinux?

3. if evaluated products (or just OSs for our discussion) have
   all had (security) patches, than how are they supposed to be
   better than patching non evaluated systems?

4. you said about SELinux that "It's a pain in the ass to learn
   because it'll take you a couple of weeks just to understand
   the concepts if you're new to them" but on the other hand you
   said that "I would argue that discretion in the hands of the
   novice is more complicated than using a MAC/DTE machine for
   pre-agreed usage" - how do you reconcile this contradiction?
   certainly it doesn't take weeks to understand the UNIX DAC
   system.

5. you said that "Once the running instance of the web browser
   is compromised, the exploit is only capable of doing things
   from the context of the browser application". now, what does
   that really mean? what kind of assurance does it give? on a
   side note, have you heard of kernel bugs? has any of them been
   exploitable "from the context of the browser application"?

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave