On 8/12/2011 4:58 PM, David Barbour wrote:
> On Fri, Aug 12, 2011 at 1:23 PM, BGB <cr88...@gmail.com> wrote:
>> also, security-check models are well proven in systems like
>> Windows and Linux...
>
> It is true that there are success stories using checked permissions.
> But, for security, the successes aren't what you should be counting.

if one counts number of deployed production systems, they also have this...

>> my current planned strategy actually consists of making use of
>> *both* sets of strategies (in a sort of half-assed way).
>
> I'm sure that strategy will lead you to a sort of half-assed security.

make it work now, fix problems later...
seems to generally work ok in many real-world environments...
in this case, the exploits help tell what all needs to be fixed (much
like crashes help with finding bugs, ...).
better than waiting around with a product forever stuck in beta testing
until it is "perfect".
anyway, if one throws multiple strategies at a problem, probably at
least one of them will work.
also, "perfect" systems have a bad habit of turning sour in production
environments, and many of the things which tend to work well are those
things which have been "beaten with 10000 hammers", as it were, and gain
their reputation by holding up effectively to whatever sorts of
challenges come their way, sort of like a race or gauntlet or similar...
then one faces setbacks and failures, patches them up, and continues on
one's way, ...

>> ideally, IMO, the user retains roughly the same level of security
>> as before, but applications run under their own virtual users with
>> considerably less rights.
>
> Look into PLASH and Polaris.

looked at Polaris earlier, seemed interesting...
PLASH doesn't pull up anything on Wikipedia, but found a link to it
using Google, yep...
_______________________________________________
fonc mailing list
fonc@vpri.org
http://vpri.org/mailman/listinfo/fonc