Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning

From: Alan Cox
Date: Fri Aug 15 2008 - 10:37:30 EST

Next message: Ingo Molnar: "Re: [PATCH 1/1] [x86] Configuration options to compile out x86 CPUsupport code"
Previous message: Ingo Molnar: "Re: [PATCH] x86: remove nesting CONFIG_HOTPLUG_CPU"
In reply to: david: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforonaccess scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> This "permitted to execute" is what I feel is the wrong aproach with
> respect to malware. If you simply allow everything to 'execute', I think
> that untrusted programs may still be used for usefull things, but without
> the potential do do malice. If you start from the point where everything
> both trusted and untrusted is permitted to be executed, you could make it
> the job of SELinux or any other LSM to make untrusted code run without
> doing malice, but with the possibility to still run and do usefull non
> malicious stuff. This might require some aditional hooks in LSM though I
> could imagine.

SELinux is quite happy to apply different rules to content labelled in
different ways. WHat specific things do you need that it can't do ?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [PATCH 1/1] [x86] Configuration options to compile out x86 CPUsupport code"
Previous message: Ingo Molnar: "Re: [PATCH] x86: remove nesting CONFIG_HOTPLUG_CPU"
In reply to: david: "Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforonaccess scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]