Full Disclosure mailing list archives

Re: Friendly and secure desktop operating system


From: Andrew Clover <and-bugtraq () doxdesk com>
Date: Tue, 14 Oct 2003 09:35:16 +0000

Timo Sirainen <tss () iki fi> wrote:

> You're thinking about how to do it currently in UNIX world. I'm thinking
> about adding new concepts in kernel level. systrace would be much
> closer to it than chroot jails.

Indeed, I've been thinking a lot about how to create the sort of desktop
environment you describe, and I don't think it's 'properly' doable within
the current Unix-style or Windows operating environments. It would require
a pervasive system of fine-grained capabilities, from base OS level right
up to user desktop services.

Programs would have to get used to pre-requesting each service they
require, and cope with being refused (either on policy grounds, or user
choice, or the user themselves not having the required rights). There
are also user interface concerns (i.e. how to prevent an application
'faking' the system security interface).

An attempt starting along these lines can be seen in Tiny Personal
Firewall. Its interface isn't too great, it's not complete, and of course
on a Windows platform there is nothing stopping a malicious process from
subverting the protection, but it's an interesting glimpse at the sort of
thing we might need.

-- 
Andrew Clover
mailto:and () doxdesk com
http://www.doxdesk.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
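The pre-request-then-cope-with-refusal pattern discussed in the message above, as an added example that is not code from the thread, from systrace or from Tiny Personal Firewall: a small Python capability broker. A program declares every service it needs before doing anything, the broker grants a subset according to a policy plus a (simulated) user prompt, and the program gets back unforgeable capability objects that it must check for and degrade around. The service names, the policy vocabulary ("allow"/"deny"/"ask") and the Broker API are all invented here for illustration; the sketch does nothing about the separate problem of an application faking the prompt itself.

```python
"""Capability broker sketch (added example, not from the mailing-list thread).

Service names, policy values and the Broker API are invented for illustration.
"""
from __future__ import annotations

import os
from dataclasses import dataclass, field


class CapabilityDenied(Exception):
    """Raised when a program presents a capability the broker never issued."""


@dataclass(frozen=True)
class Capability:
    """An unforgeable handle: the random token is only known to the broker."""
    service: str
    _token: bytes = field(repr=False)


class Broker:
    def __init__(self, policy: dict[str, str], ask_user):
        self._policy = policy        # service -> "allow" | "deny" | "ask"
        self._ask_user = ask_user    # callable(program, service) -> bool
        self._issued: dict[bytes, str] = {}   # token -> service it is valid for

    def request(self, program: str, wanted: list[str]) -> dict[str, Capability]:
        """Grant a subset of `wanted` up front; the caller must cope with gaps."""
        granted: dict[str, Capability] = {}
        for svc in wanted:
            verdict = self._policy.get(svc, "deny")      # unknown service: deny
            if verdict == "ask":
                verdict = "allow" if self._ask_user(program, svc) else "deny"
            if verdict == "allow":
                tok = os.urandom(16)
                self._issued[tok] = svc
                granted[svc] = Capability(svc, tok)
        return granted

    def use(self, cap: Capability, payload: str) -> str:
        """Perform the service only if this exact capability was issued by us."""
        if self._issued.get(cap._token) != cap.service:
            raise CapabilityDenied(cap.service)
        return f"{cap.service}: {payload}"


# Constructed policy: network is always allowed, home-directory reads never,
# and the address book is left to the user to decide at request time.
POLICY = {
    "net.smtp": "allow",
    "fs.home.read": "deny",
    "addressbook.read": "ask",
}


def run_mail_client(broker: Broker) -> dict:
    """A hypothetical mail client written against the broker.

    It asks for everything it might need once, then treats net.smtp as
    mandatory and the address book as optional.
    """
    caps = broker.request("mailclient", ["net.smtp", "fs.home.read", "addressbook.read"])
    if "net.smtp" not in caps:
        return {"error": "cannot send mail without net.smtp"}
    result = {"sent": broker.use(caps["net.smtp"], "hello")}
    # Optional service: degrade instead of failing when it was refused.
    if "addressbook.read" in caps:
        result["contacts"] = broker.use(caps["addressbook.read"], "list")
    else:
        result["contacts"] = None
    return result


def forged_use_is_refused(broker: Broker) -> bool:
    """A program that fabricates a Capability object gets nothing from it."""
    fake = Capability("addressbook.read", b"\x00" * 16)
    try:
        broker.use(fake, "list")
    except CapabilityDenied:
        return True
    return False


if __name__ == "__main__":
    print(run_mail_client(Broker(POLICY, lambda prog, svc: False)))
    print(run_mail_client(Broker(POLICY, lambda prog, svc: True)))
    print(run_mail_client(Broker({}, lambda prog, svc: True)))
    print(forged_use_is_refused(Broker(POLICY, lambda prog, svc: True)))
```

The point of the shape is that refusal is an ordinary return value at request time rather than an exception in the middle of work, and that holding a `Capability` object proves nothing unless the broker minted it, so policy is enforced by what was handed out, not by what the program claims.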