login
Login
/
Register
Search
Search this site:
Forums
News
Blogs
Features
Site
Home
»
Mailing list archives
»
linux-kernel
»
2008
»
August
»
15
Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning
view
thread
Previous message: [
thread
] [
date
] [
author
]
Next message: [thread] [
date
] [
author
]
[view in full thread]
From: Alan Cox
Subject:
Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning
Date: Friday, August 15, 2008 - 4:02 am
> The package manager approach is interesting in that it marks 'trusted',
quoted text
> and is thus permissive rather than restrictive. Maybe it would be possible > to extend on this and simply define a set of currently unprivileged access > as privileged for untrusted applications. That way you could allow > untrusted software to run without risk, even if that untrusted software > turns out to be malware. That is, it may be possible to solve the malware > problem in a much more fundamental way here by just allowing malware to > run without the need to know if it is malware, just by running untrusted > software with reduced privileges. >
Its called SELinux and SELinux can already do this sort of stuff, including things like "only rpm may create files you are permitted to execute" --
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to
majordomo@vger.kernel.org
More majordomo info at
http://vger.kernel.org/majordomo-info.html
Please read the FAQ at
http://www.tux.org/lkml/
Previous message: [
thread
] [
date
] [
author
]
Next message: [thread] [
date
] [
author
]
Messages in current thread:
Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterf ...
, Rob Meijer
, (Fri Aug 15, 3:10 am)
Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterf ...
, Alan Cox
, (Fri Aug 15, 4:02 am)
Navigation
Create content
Mailing list archives
Recent posts
Popular discussions
linux-kernel
:
Ingo Molnar
Re: [patch] e1000=y && e1000e=m regression fix
Greg Kroah-Hartman
[PATCH 20/36] Driver core: Call device_pm_add() after bus_add_device() in device_a...
Boaz Harrosh
how to use KBUILD_EXTRA_SYMBOLS
Brandeburg, Jesse
RE: [regression] e1000e broke e1000 (was: Re: [ANNOUNCE] e1000 toe1000e migration ...
Pekka Enberg
Re: [PATCH] include/linux/slab.h: new KFREE() macro.
git
:
Bill Lear
cpio command not found
Jing Xue
Re: git rm --cached
Fredrik Kuivinen
Re: fatal: unable to create '.git/index': File exists
Johannes Schindelin
Re: [PATCH 1/3 v2] Implement the patience diff algorithm
Johannes Sixt
Re: How to pull remote branch with specified commit id?
linux-netdev
:
Jamie Lokier
Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Oliver Neukum
Re: [RFC] Patch to option HSO driver to the kernel
Paulius Zaleckas
Re: [RFC] Patch to option HSO driver to the kernel
Timo Teräs
ip xfrm policy semantics
Ron Mercer
[net-next PATCH 2/2] qlge: Version change to v1.00.00.27
openbsd-misc
:
Tomas Bodzar
Re: OpenSMTPd actual development and integration
Netmaffia.hu
Tini Lányok AKCIÓBAN OTTHON
Bryan Irvine
Re: DVD burn error: No space left on device
Sevan / Venture37
Re: This is what Linus Torvalds calls openBSD crowd
Siju George
This is what Linus Torvalds calls openBSD crowd
git-commits-head
:
Linux Kernel Mailing List
powerpc/fsl_msi: enable msi allocation in all banks
Linux Kernel Mailing List
[ARM] mmp: avengers lite (pxa168) board bring up
Linux Kernel Mailing List
via82cxxx: add support for VT6415 PCIE PATA IDE Host Controller
Linux Kernel Mailing List
checkpatch: warn on declaration with storage class not at the beginning
Linux Kernel Mailing List
USB: remove duplicate entry in Option driver and Pl2303 driver for Huawei modem
Colocation donated by:
Syndicate
