Information Security News mailing list archives

Re: Uncovering the secrets of SE Linux

From: InfoSec News <isn () C4I ORG>
Date: Tue, 13 Mar 2001 22:45:59 -0600

Forwarded by: Larry Loeb <larryloeb () prodigy net>


I must apologize in advance to the list for the bandwidth waste.

On 3/13/01 11:07 AM, "Russell Coker" <russell () coker com au> wrote:

Are you remotely serious?


I'm sorry, I should have subtitled things for the irony-impaired. Do
they get David Letterman in Oz?

Opening a .tgz file does not run anything, run "man 1 tar" if you
don't believe me.


Thank you for pointing me in the right direction. It is left as an
exercise to the reader to figure out how I examined the source code
without ever using "tar" as well as having system-level traps in place
to alert me should any untoward activity occur while the distribution
file was expanded.

The issue is what happens when the code is compiled and then run.


No, the issue was that there was not a virus-vectored program embedded
in the file wrapper. As well as the writerly trick of playing off
reader's pre-existing perceptions and making fun of them. Your
debater's trick of switching the subject to something other than I was
discussing is called the "false canard" gambit. Derived from the
boating term, I believe. It evidences the paucity of your analysis.

Also consider that an intelligent person who is writing a
back-door (do not try to claim that the NSA are stupid) will make
sure that it doesn't immidiately do something bad, it will wait
until you least expect it!


And of course, this implies that the software will by some magical
process "know" when you least expect it so it can wait for that point.
Those kooky back-door routines!

I will spare you the spelling weenie flamage on "immediate".

If anyone on the list is intrigued by this exchange enough to check
out part 1 of my article on SE Linux, I would be happy to provide them
the URL which has already been posted. Please mail me off-list.

If anyone has any questions after seeing part 2 and thus the complete
article, I would be happy to answer either to the list or by mail.

Again, I apologize for wasting the list bandwidth on this; but I could
not let it stand unopposed. Thank your for your patience.

--Larry Loeb

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".

Current thread:

Uncovering the secrets of SE Linux InfoSec News (Mar 09)
- <Possible follow-ups>
- Re: Uncovering the secrets of SE Linux James Goldston (Mar 12)
- Re: Uncovering the secrets of SE Linux InfoSec News (Mar 12)
- Re: Uncovering the secrets of SE Linux InfoSec News (Mar 13)