Secure Coding mailing list archives

Software Assist to Find Least Privilege


From: gem at cigital.com (Gary McGraw)
Date: Tue, 25 Nov 2008 13:10:17 -0500

<DREAM>

It seems we've come full circle, because what you are describing is managed code (or privileged code depending on your 
Java vs .NET vocabulary).  In full on managed code, the code describes what it needs and the machine decides whether 
that coheres with local policy.

</DREAM>

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com


On 11/25/08 12:56 PM, "Steven M. Christey" <coley at linus.mitre.org> wrote:



On Tue, 25 Nov 2008, Mark Rockman wrote:

Assuming this is repeated for every use case, the resulting
reports would be a very good guide to how CAS settings should be
established for production.  Of course, every time the program is changed
in any way, the process would have to be repeated.

Better - and absolutely unachievable any time soon - would be for the
application itself to more explicitly state what its requirements of the
OS are, and what its intended behaviors are.  Kind of like SELinux but
simpler.  More easily said than done, but until we develop richer models
for representing what an application's legitimate behaviors are, then
automated detection of these types of issues is likely to be difficult.

- Steve
_______________________________________________
Secure Coding mailing list (SC-L) SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________



