Secure Coding mailing list archives
Re: Application Sandboxing, communication limiting, etc.
From: "Jared W. Robinson" <jwr () xmission com>
Date: Wed, 10 Mar 2004 22:09:31 +0000
On Tue, Mar 09, 2004 at 07:12:35PM -0500, Bill Cheswick wrote:
> One of the things I'd like to see in Linux and Windows is better sandboxing of user-level programs, like Outlook and the browsers. There have been a number of approaches proposed over the years, and numerous papers, but haven't seen anything useful deployed widely on any of these platforms.
I agree with the sandboxing idea. We're seeing it used more on the server side, but the desktop arena isn't as far along.

Seems to me that the average user application doesn't need to open TCP/UDP ports for listening. Attack bots tend to do this kind of thing.

Perhaps SELinux could be used to define a rule set that would restrict desktop application's access to resources such as the filesystem, network, etc. Note that I don't know what the scope of SELinux is, or how it works.

Most OSS Software also doesn't "phone home" (unlike software in the Windows world). Only pre-installed apps should be allowed network communication under normal circumstances. So if your desktop noticed that an unknown app (one run from the user's home directory or from /tmp) tries to communicate with a remote site, it would deny the action by default -- or at least slow the application communication down so that worms would spread more slowly, and could be contained.

- Jared

--
"It's a well known technology truism that [not] all of the smart people work for you, and that one of the surest ways to success is to get more ideas and more work out of people outside your own fences." - Tim O'Reilly
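An added example, not part of the original post and not SELinux code: a Python model of the default-deny and slow-down policy described in the message above. The trusted prefixes, class names, and rate and burst values are assumptions; a real enforcement point would sit in the kernel and would also resolve symlinks.

```python
import posixpath

# Assumption: "pre-installed" means installed under one of these system prefixes.
TRUSTED_PREFIXES = ("/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/local/bin", "/opt")

def is_preinstalled(exe_path):
    """True if the normalised absolute path lies under a trusted prefix."""
    # normpath collapses "..", so /usr/bin/../../tmp/x is judged as /tmp/x
    path = posixpath.normpath(exe_path)
    if not posixpath.isabs(path):
        return False
    return any(path.startswith(p + "/") for p in TRUSTED_PREFIXES)

class TokenBucket:
    """Allows `burst` connections at once, then `rate` new ones per second."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def take(self, now):
        # Refill for the time elapsed since the last attempt, capped at burst.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

class EgressPolicy:
    """mode="deny" blocks unknown programs; mode="throttle" slows them down."""
    def __init__(self, mode="deny", rate=1.0, burst=2):
        self.mode, self.rate, self.burst = mode, rate, burst
        self.buckets = {}  # one bucket per unknown executable

    def decide(self, exe_path, op, now):
        """op is "connect" or "listen"; returns "allow", "deny" or "delay"."""
        if is_preinstalled(exe_path):
            return "allow"
        # Unknown programs never get a listening port, whatever the mode.
        if op == "listen" or self.mode == "deny":
            return "deny"
        key = posixpath.normpath(exe_path)
        bucket = self.buckets.setdefault(key, TokenBucket(self.rate, self.burst))
        return "allow" if bucket.take(now) else "delay"
```
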