Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfaceforon access scanning

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: Rik van Riel <riel@...>
Cc: <david@...>, Eric Paris <eparis@...>, Theodore Tso <tytso@...>, <davecb@...>, <linux-security-module@...>, Adrian Bunk <bunk@...>, Mihai Don??u <mdontu@...>, <linux-kernel@...>, <malware-list@...>, Arjan van de Ven <arjan@...>
Date: Tuesday, August 19, 2008 - 6:41 am

On Sun 2008-08-17 20:07:39, Rik van Riel wrote:

Don't mix exploits with viruses -- they are different.

Exploit is where application does something very unexpected due to a
bug.

Virus is where machine works correctly, but user does something
stupid.

For exploits, randomization + patching + compartments seem like a
solution. We should be working on "how to confine openoffice.org so
that it can't do much damage" instead of "how to detect .doc documents
that makes openoffice.org do something unexpected".

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
Sidebar to [malware-list] [RFC 0/5] [TALPA] Intro to a linux..., David Collier-Brown, (Wed Aug 6, 7:40 am)
Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfa..., David Collier-Brown, (Mon Aug 11, 12:11 pm)
Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinterfa..., Arjan van de Ven, (Wed Aug 13, 10:28 am)
Re: [malware-list] [RFC 0/5] [TALPA] Intro to alinuxinterfac..., Pavel Machek, (Tue Aug 19, 6:41 am)
Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linux interf..., David Collier-Brown, (Wed Aug 6, 7:31 am)