Full Disclosure mailing list archives
Re: Friendly and secure desktop operating system
From: Andrew Clover <and-bugtraq () doxdesk com>
Date: Tue, 14 Oct 2003 09:35:16 +0000
Timo Sirainen <tss () iki fi> wrote:
You're thinking about how to do it currently in UNIX world. I'm thinking about adding new concepts in kernel level. systrace would be much more closer to it than chroot jails.
Indeed, I've been thinking a lot about how to create the sort of desktop environment you describe, and I don't think it's 'properly' doable within the current Unix-style or Windows operating environments. It would require a pervasive system of fine-grained capabilities, from base OS level right up to user desktop services. Programs would have to get used to pre-requesting each service they require, and cope with being refused (either on policy grounds, or user choice, or the user themselves not having the required rights). There are also user interface concerns (ie. how to prevent an application 'faking' the system security interface). An attempt starting along these lines can be seen in Tiny Personal Firewall. Its interface isn't too great, it's not complete, and of course on a Windows platform there is nothing stopping a malicious process from subverting the protection, but it's an interesting glimpse at the sort of thing we might need. -- Andrew Clover mailto:and () doxdesk com http://www.doxdesk.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Friendly and secure desktop operating system Timo Sirainen (Oct 13)
- Re: Friendly and secure desktop operating system Valdis . Kletnieks (Oct 13)
- Re: Friendly and secure desktop operating system Timo Sirainen (Oct 13)
- Re: Friendly and secure desktop operating system Gary Flynn (Oct 13)
- Re: Friendly and secure desktop operating system Valdis . Kletnieks (Oct 13)
- Re: Friendly and secure desktop operating system Timo Sirainen (Oct 13)
- Re: Friendly and secure desktop operating system Andrew Clover (Oct 14)
- Re: Friendly and secure desktop operating system Timo Sirainen (Oct 13)
- Re: Friendly and secure desktop operating system Valdis . Kletnieks (Oct 13)
- Re: Friendly and secure desktop operating system David (Oct 13)
- Re: Friendly and secure desktop operating system Peter Busser (Oct 16)
- Re: Friendly and secure desktop operating system Ondrej Krajicek (Oct 16)
- Re: Friendly and secure desktop operating system Timo Sirainen (Oct 13)
- <Possible follow-ups>
- Re: Friendly and secure desktop operating system Franz von Sickingen (Oct 14)