Re: POSIX

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: POSIX

From:	Jonathan S. Shapiro
Subject:	Re: POSIX
Date:	Thu, 27 Oct 2005 10:40:37 -0400

On Thu, 2005-10-27 at 11:58 +0200, Alfred M. Szmidt wrote:
>    Note that turning off home directory before opening the network
>    port is NOT good enough!
> 
> You say that it isn't good enough, without explaining why.

It would not be bad to try to think things out for yourself once in a
while. Everybody here needs to start thinking about design from the
attacker point of view in order to be able to evaluate their designs.

To answer your question:

Once the hostile program can read my home directory, I must assume that
it *has* read my home directory. After this, cutting off access to the
directory will not prevent disclosure over the network of my current
content. Therefore, cutting off the home directory before enabling the
network connection is insufficient.

shap

[Prev in Thread]

Current Thread

[Next in Thread]

Re: POSIX, (continued)

Prev by Date: Changing from L4 to something else...
Next by Date: Re: design goals vs mechanisms (was: Re: Let's do some coding :-)
Previous by thread: Re: POSIX
Next by thread: Re: Let's do some coding :-)
Index(es):
- Date
- Thread