|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: chroot useful?
Paul McNabb (mcnabb
argus-systems.com)
Tue, 11 Nov 1997 11:33:34 -0600
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Bennett Todd: "Denial Of Service: is it a security issue? (was Re: Ant...)"
- Previous message: Rafi Sadowsky: "Re: Accounting sw for use with FireWall-1"
- In reply to: Clancy Lawrence: "Accounting sw for use with FireWall-1"
- Next in thread: Paul McNabb: "Re: chroot useful?"
> From: "Joseph S. D. Yao" <jsdycospo.osis.gov>
>
> Similarly, chrooting is a deterrent, not a guarantee (and, especially,
> not as much of a guarantee as it used to be). Yes, it would be nice if
> it compartmented more than it did. In fact, that's an interesting
> idea: as chroot partitions the file system, perhaps there might be
> other services to partition off other kernel services? For the future.
All B1 systems do this now, and B1 versions are available for most
commercial OS products. Other products, such as Argus's Decaf do
partitioning as well, but without the B1 mechanisms. This is the main
argument used for B-level security.
paul
---------------------------------------------------------
Paul McNabb Argus Systems Group, Inc.
Vice President and CTO 1809 Woodfield Drive
mcnabbargus-systems.com Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433 "Securing the Future"
---------------------------------------------------------
- Next message: Bennett Todd: "Denial Of Service: is it a security issue? (was Re: Ant...)"
- Previous message: Rafi Sadowsky: "Re: Accounting sw for use with FireWall-1"
- In reply to: Clancy Lawrence: "Accounting sw for use with FireWall-1"
- Next in thread: Paul McNabb: "Re: chroot useful?"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:48 CDT