> From: Bennett Todd <[EMAIL PROTECTED]>
>
> <snip>
>
> > Or are you of the opinion that real ACLs, MAC, role-based access,
> > etc. aren't useful to restrict compromise to the subset of
> > suitably-chosen components which may still have bugs, or the list
> > of not-as-suitably-chosen as you would have liked people?
>
> Not at all. Such bits (mjr coined a lovely phrase "orange book fairy
> dust blown onto an operating system") are a great idea, I've been
> looking forward to using them for many applications for some time.
> Basically, I think of their use in terms of sandboxing. The first
> thing I'll do when I can get 'em is wrap every web browser, every
> MUA, every other complex multi-media-handling gizmo that deals with
> untrusted input, so when they blow the shrapnel can't take out the
> entire system.

This is exactly how the trusted OSes are being used. A TOS can be
used to isolate PKI components, frontend (webserver) processes,
backend apps, interprocess communication, etc. In fact, the newest
generations of TOSes are advanced enough to be able to create "virtual
machines" on a single host, including the ability to give administrator
power within a single virtual machine.

The banks, financial institutions, ISPs, etc. have become pretty creative
when it comes to building an infrastructure on top of trusted OSes.

paul
---------------------------------------------------------
Paul A. McNabb, CISSP Argus Systems Group, Inc.
Senior Vice President and CTO 1809 Woodfield Drive
[EMAIL PROTECTED] Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433 "Securing the Future"
---------------------------------------------------------