Secure Coding mailing list archives
Software Assist to Find Least Privilege
From: mrockman at acm.org (Mark Rockman)
Date: Tue, 25 Nov 2008 12:26:02 -0500
It is difficult to determine a priori the settings for all the access control lists and other security parameters that one must establish for CAS to work. Perhaps a software assist would work according to the following scenario. Run the program in the environment in which it will actually be used. Assume minimal permissions. Each time the program would fail due to violation of some permission, notate the event and plow on. Assuming this is repeated for every use case, the resulting reports would be a very good guide to how CAS settings should be established for production. Of course, every time the program is changed in any way, the process would have to be repeated.

MARK ROCKMAN
MDRSESCO LLC
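The scenario in the message above, as an added Python example that is not part of the original post: a permission gate that records each would-be denial and continues, merges the results across use cases into a proposed grant set, and diffs that set after a program change. It models the check generically rather than using the .NET CAS API; the permission names, paths, host name and use-case functions are constructed for illustration.

```python
from collections import defaultdict

class AuditGate:
    """Permission gate in audit mode: record what would be denied, then continue."""

    def __init__(self, granted=()):
        self.granted = set(granted)        # start from minimal (empty) permissions
        self.denials = defaultdict(set)    # (permission, resource) -> use cases
        self.use_case = None

    def demand(self, permission, resource):
        # An enforcing runtime would raise here; audit mode notes the event and
        # plows on, so later demands in the same run are observed too.
        if (permission, resource) not in self.granted:
            self.denials[(permission, resource)].add(self.use_case)

    def run(self, name, fn):
        self.use_case = name
        try:
            fn(self)
        finally:
            self.use_case = None

    def proposed_policy(self):
        return set(self.denials)

def diff_policy(current, observed):
    """After a program change: grants to add, and stale grants to revoke."""
    return sorted(observed - current), sorted(current - observed)

# Constructed use cases standing in for the real program's code paths.
def export_report(gate):
    gate.demand("file.read", "/data/orders.db")
    gate.demand("file.write", "/out/report.csv")

def sync_orders(gate):
    gate.demand("file.read", "/data/orders.db")
    gate.demand("net.connect", "orders.example.internal:443")

def sync_orders_v2(gate):  # changed build: reads a queue file, no network
    gate.demand("file.read", "/data/orders.db")
    gate.demand("file.read", "/data/queue.db")

def learn(use_cases, granted=()):
    """Run every use case through one gate and return it with its findings."""
    gate = AuditGate(granted)
    for name, fn in use_cases.items():
        gate.run(name, fn)
    return gate
```

The proposed grant set covers only the code paths the use cases exercised, and the diff after a change yields grants to revoke as well as grants to add.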