Re: The reason for securelevel

From: Steven M. Bellovin (smbcs.columbia.edu)
Date: Thu Jan 26 2006 - 12:26:57 CST


In message <43D91357.4080102NetBSD.org>, Elad Efrat writes:
>Steven M. Bellovin wrote:
>
>> In principle, this is a fine idea. In practice, figuring out the right
>> set of bits is non-trivial. It's not a direct analogy, but SGI has 48
>> different privileges that a process can have.
>
>let's not over-complicate things just yet: the idea is about separating
>the *securelevel* stuff and not creating per-process knobs.
>how is the above non-trivial?
>
I wasn't suggesting per-process knobs, which is why I said it wasn't a
direct analogy. The hard part is figuring out what all these different
bits should be, especially if you want them orthogonal. I cited the
SGI example to show just how many different things you might want to
lock down.

                --Steven M. Bellovin, http://www.cs.columbia.edu/~smb