On Tue, 9 May 2000, Linda Walsh wrote:
> > The previous problem? The all-powerfulness of the root user. The new
> > problem? The all-powerfulness of the monolithic kernel.
> ---
> Hey, don't delude yourself -- the kernel already *is* all powerful --
> it has to be as it is the basis upon what everything else is built on.
Yes, but currently (bad) people don't need to care that the kernel is all
powerful. Currently root is also all powerful, and there are plenty enough
userland flaws that can get you access to root.
MAC is based on a very powerful security principle: as well as fixing what
is broken, also take steps to make the impact of broken stuff less, or
in some cases negligible.
So with MAC we'll get a lot less grief from userspace
insecurity. Superb. Suddenly, the only thing worth subverting is the
kernel. Fact 1: A monolithic kernel is a lot of code. Fact 2: A large
reason for userspace insecurity is the sheer volume of code which runs
with high privilege. Use facts 1 and 2 to predict the future ;-)
Chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:14 EST