Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-11 Thread Martin Stricker
Bill Cheswick wrote: > > One of the things I'd like to see in Linux and Windows is better > sandboxing of user-level programs, like Outlook and the browsers. > There have been a number of approaches proposed over the years, and > numerous papers, but haven't seen anything useful deployed widely >

RE: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread Nick Lothian
> > > To secure a machine from malware introduced by a naive user it is > > required that naive users not have the privilege to introduce > > software that can be executed by them or by other naive users. > > I would disagree. There's nothing wrong with allowing naïve users to > introduce softwa

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread der Mouse
> To secure a machine from malware introduced by a naive user it is > required that naive users not have the privilege to introduce > software that can be executed by them or by other naive users. I would disagree. There's nothing wrong with allowing naïve users to introduce software they or othe

RE: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread Alun Jones
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Michal Zalewski > Sent: Tuesday, March 09, 2004 1:16 PM > > Uhh, with some new worms, you not only can't execute the > rogue directly by > just clicking on an attachment, but you need to enter a > pa

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread Ryan Russell
Kenneth R. van Wyk wrote: I think that we're seeing several of the features that have plagued the security of desktop Windows systems being increasingly incorporated into the desktops of Linux systems. Further, the Linux desktop is truly maturing and, along with that, we're getting closer and

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread Bill Cheswick
One of the things I'd like to see in Linux and Windows is better sandboxing of user-level programs, like Outlook and the browsers. There have been a number of approaches proposed over the years, and numerous papers, but haven't seen anything useful deployed widely on any of these platforms.

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread Richard Moore
Michal Zalewski wrote: Uhh, with some new worms, you not only can't execute the rogue directly by just clicking on an attachment, but you need to enter a password to get access to it... you just need a userbase clueless enough to carry out even a fairly complicated action out of curiosity, and som

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-10 Thread ljknews
At 10:10 AM -0500 3/9/04, Kenneth R. van Wyk wrote: >So why do I feel that this is a Secure Coding issue and not (just) an OS >security issue for Full-Disclosure and similar groups to discuss? IMHO, the >issues that we're dealing with get straight to the heart of the design of the >desktop env

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-09 Thread Michal Zalewski
On Tue, 9 Mar 2004, Richard Moore wrote: > 2. While you can open things in their apps, what you can't do is make > anything directly execute - that takes an additional step (eg. using > konqueror or the command line to set the executable flag, then running > the attachment). Since we do not let macr

RE: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-09 Thread Michael S Hines
You might want to take a look at Eric Raymond's writings on such things. He maintains it's a feature based issue - across platforms - which makes sense to me. See for example - http://www.catb.org/~esr/writings/taoup/html/ch07s03.html and especially the section on remote procedure calls (which ca

Re: [SC-L] Opinion re an interesting article on Linux security in Linux Journal

2004-03-09 Thread Richard Moore
Disclosure: I'm part of the KDE core team. Kenneth R. van Wyk wrote: Case in point, I just got KDE 3.2 on my PC over the weekend (thanks to the Debian-Sid distribution), and I'm seeing the email/PIM environment appearing more and more like Outlook. I can open an email attachment straight into it