On Tue, Mar 09, 2004 at 07:12:35PM -0500, Bill Cheswick wrote:

> One of the things I'd like to see in Linux and Windows is better sandboxing
> of user-level programs, like Outlook and the browsers. There have
> been a number of approaches proposed over the years, and numerous papers, but
> I haven't seen anything useful deployed widely on any of these platforms.
I agree with the sandboxing idea. We're seeing it used more on the server side, but the desktop arena isn't as far along. Seems to me that the average user application doesn't need to open TCP/UDP ports for listening. Attack bots tend to do this kind of thing. Perhaps SELinux could be used to define a rule set that would restrict desktop applications' access to resources such as the filesystem, network, etc. Note that I don't know what the scope of SELinux is, or how it works.

Most OSS software also doesn't "phone home" (unlike software in the Windows world). Only pre-installed apps should be allowed network communication under normal circumstances. So if your desktop noticed that an unknown app (one run from the user's home directory or from /tmp) tries to communicate with a remote site, it would deny the action by default -- or at least slow the application communication down so that worms would spread more slowly, and could be contained.

- Jared

--
"It's a well known technology truism that [not] all of the smart people work for you, and that one of the surest ways to success is to get more ideas and more work out of people outside your own fences." - Tim O'Reilly
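As an added illustration (not code from the thread, and not SELinux policy), the rule set Jared sketches can be written down as a small reference-monitor decision: no listening sockets for desktop apps, unrestricted outbound connections only for package-installed binaries, and a token-bucket trickle for anything launched from a home directory or /tmp so a worm is slowed rather than given free rein. The path prefixes, rates and sample events are assumptions constructed for the example.

```python
"""Toy reference monitor for the desktop network policy described above."""

# Assumed locations of pre-installed (package-managed) software.
TRUSTED_PREFIXES = ("/usr/bin/", "/usr/sbin/", "/usr/lib/", "/bin/", "/sbin/")
# Locations the text calls out as "unknown app" origins.
UNTRUSTED_PREFIXES = ("/home/", "/tmp/", "/var/tmp/")


class TokenBucket:
    """Rate limiter: unknown apps get a trickle of connections, not a flat deny."""

    def __init__(self, rate_per_s, burst, now):
        self.rate, self.capacity = rate_per_s, burst
        self.tokens, self.last = float(burst), now

    def take(self, now):
        # Refill according to elapsed time, then spend one token if available.
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


class DesktopNetPolicy:
    def __init__(self, rate_per_s=0.2, burst=3):
        self.rate, self.burst = rate_per_s, burst
        self.buckets = {}  # one bucket per unknown executable path

    def decide(self, exe, op, now):
        """op is 'listen' or 'connect'; returns 'allow' or 'deny'."""
        if op == "listen":
            return "deny"  # desktop apps have no business accepting connections
        if exe.startswith(TRUSTED_PREFIXES):
            return "allow"  # pre-installed software may talk freely
        if exe.startswith(UNTRUSTED_PREFIXES):
            bucket = self.buckets.setdefault(exe, TokenBucket(self.rate, self.burst, now))
            return "allow" if bucket.take(now) else "deny"  # throttled, not blocked outright
        return "deny"  # anything else is not package-managed: deny by default


def audit(policy, events):
    """Run constructed (exe, op, timestamp) events through the policy."""
    return [(exe, op, policy.decide(exe, op, t)) for exe, op, t in events]


if __name__ == "__main__":
    sample = [("/usr/bin/firefox", "connect", 0.0), ("/tmp/dropper", "listen", 0.0),
              ("/tmp/dropper", "connect", 0.0), ("/tmp/dropper", "connect", 0.1)]
    for row in audit(DesktopNetPolicy(rate_per_s=1.0, burst=1), sample):
        print(*row)
```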