On 9/24/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> On 24.09-11:49, Can E. Acar wrote:
> [ ... ]
> > > The guy can be some stupid binary software with an "if(uid!=root) bail();"
> >
> > People running arbitrary binary software requiring root on their systems
> > deserve what they get. You can not work around this stupidity by ANY policy.
>
> that is not the case and is, in fact, the entire point of defining
> policy.  to define what the applications on the system can and
> cannot do, irrespective of how "stupid" they (or their programmer),
> or how malicious they (or their programmer) is / was.

Oh, that sounds like a recipe for success.

- Run _arbitrary_ _binary_ application on system. Intend to use policy
wrapper to restrict to allowed operations.
- Can't figure out how to get a working policy (made harder because
you can't debug the damn blob well anyway). (made harder because the
ppl who sold you that application aren't going to be able to help you
when you ask them "why is this app doing X Y and Z?" when X Y and Z
are system calls they've never heard of.)
- So, disable policy stuff or just "allow all" just to get it working.
Face it; the fact that you're running the dumb binary app in the first
place is because it's so critical you can't do without it. Given the
choice between having a mission critical app (that you probably paid
good money for) crippled by the policy layer or not having to deal
with it, what are people going to do?

The intentions are great and look good on paper. The reality is a bit
different, as others have pointed out.

DS
