Secure Coding mailing list archives
Re: Re: Application Sandboxing, communication limiting, etc.
From: Jose Nazario <jose () monkey org>
Date: Wed, 10 Mar 2004 23:17:53 +0000
SELinux. LIDS. systrace (Linux, BSD, MacOS X). a few things on FreeBSD i can't recall. i dont know what exists for the average user on Windows at the application level, but i do know that personal firewalls can help. untrusted programs can't access the network, either as a server or as a client. i know a few products exist for servers, typically restricted to server programs (ie IIS). so, some work is being done on that front, not enough yet. bear in mind that, just like with comcast's behavior restriction system making the FD news lately, power users of systems will complain and be annoyed when they find their access suddenly fettered. ___ jose nazario, ph.d. [EMAIL PROTECTED] http://monkey.org/~jose/ http://infosecdaily.net/
Current thread:
- Re: Opinion re an interesting article on Linux security in Linux Journal, (continued)
- Re: Opinion re an interesting article on Linux security in Linux Journal Michal Zalewski (Mar 09)
- RE: Opinion re an interesting article on Linux security in Linux Journal Alun Jones (Mar 10)
- Re: Opinion re an interesting article on Linux security in Linux Journal Richard Moore (Mar 10)
- Re: Opinion re an interesting article on Linux security in Linux Journal Michal Zalewski (Mar 09)
- RE: Opinion re an interesting article on Linux security in Linux Journal Michael S Hines (Mar 09)
- Re: Opinion re an interesting article on Linux security in Linux Journal Ryan Russell (Mar 10)
- Re: Opinion re an interesting article on Linux security in Linux Journal ljknews (Mar 10)
- Re: Opinion re an interesting article on Linux security in Linux Journal der Mouse (Mar 10)
- Re: Opinion re an interesting article on Linux security in Linux Journal Bill Cheswick (Mar 10)
- Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 10)
- Re: Application Sandboxing, communication limiting, etc. ljknews (Mar 10)
- Re: Re: Application Sandboxing, communication limiting, etc. Jose Nazario (Mar 10)
- Re: Re: Application Sandboxing, communication limiting, etc. Crispin Cowan (Mar 13)
- Re: Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 16)
- Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 10)
- Re: Re: Application Sandboxing, communication limiting, etc. Crispin Cowan (Mar 14)
- Re: Re: Application Sandboxing, communication limiting, etc. Jared W. Robinson (Mar 16)
- Re: Re: Application Sandboxing, communication limiting, etc. Crispin Cowan (Mar 16)
- Re: Comparison of SubDomain, SELinux and systrace Jared W. Robinson (Mar 16)