Thanks for the detailed response and comparison of SubDomain to SELinux and systrace.
As I understand it, if SubDomain-restricted program A starts program B, then B is governed by the SubDomain rules for B, and not by the rules of A. Correct?
In theory, an attacker that compromises program A may be able to break out of "jail" if he can invoke another vulnerable program that either isn't restricted by a SubDomain rule set, or by one that has too lax of a rule set.
Is it possible to have separate SubDomain rule sets for each user of an application? For example, if I set up a guest account on a machine, I may want the account to have far less access than a more trusted user.
- Jared
Crispin Cowan wrote:
No, Immunix is proprietary. We are a technology company; our goal is to license Immunix technologies (including SubDomain) to server appliance vendors to enable them to enhance their product security and reduce their cost of achieving security in their products.
I hope that the message gets out to vendors, and that they care enough about security to implement SubDomain and/or other technologies for their appliances.
"Percent" is not a meaningful question.What percentage of applications have SubDomain policies written for them?
Good point.
- Jared
