>>SELinux Mailing List

Contents

Overview

What's New

Frequently Asked Questions

Background

Documentation

License

Download

Participating

Mail List

Archive Summary

Archive by Thread

Archive by Author

Archive by Date

Archive by Subject

Remaining Work

Contributors

Related Work

Press Releases

Re: have you seen spfx2.c?

From: Grant Bayley <gbayley_at_ausmac.net>
Date: Sun, 2 Dec 2001 14:14:35 +1100 (EST)

What I don't understand with Linux users is the endless desire to prevent broken things by patching around them in the kernel.

Why not concentrate on cleaning up the userland apps in Linux in such a way that they're not overflowable in the first place?

No broken [suid | sgid | priviliged uid daemon ] userland apps means you have a substantially better chance of keeping a system secure without all the sleight of hand that lkms typically pull to prevent something bad from happening.

Think about this logic for a second, then check out:

http://www.openwall.com/Owl/

Grant

On Sun, 2 Dec 2001 0x@bk.ru wrote:

> have you seen the security module
> http://packetstorm.decepticons.org/linux/security/spfx2.c ?

--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Received on Sat 1 Dec 2001 - 22:24:35 EST

This message: [ Message body ]
Next message: Justin Smith: "X windows with i810 chip"
Previous message: 0x_at_bk.ru: "have you seen spfx2.c?"
In reply to: 0x_at_bk.ru: "have you seen spfx2.c?"
Next in thread: Stephen Smalley: "Re: have you seen spfx2.c?"
Reply: Stephen Smalley: "Re: have you seen spfx2.c?"
Reply: Dale Amon: "Re: have you seen spfx2.c?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:26 EDT