Timo Sirainen <[EMAIL PROTECTED]> wrote:
> You're thinking about how to do it currently in the UNIX world. I'm thinking
> about adding new concepts at kernel level. systrace would be much
> closer to it than chroot jails.
Indeed, I've been thinking a lot about how to create the sort of desktop environment you describe, and I don't think it's 'properly' doable within the current Unix-style or Windows operating environments. It would require a pervasive system of fine-grained capabilities, from base OS level right up to user desktop services. Programs would have to get used to pre-requesting each service they require, and cope with being refused (either on policy grounds, or user choice, or the user themselves not having the required rights). There are also user interface concerns (i.e. how to prevent an application 'faking' the system security interface).

An attempt starting along these lines can be seen in Tiny Personal Firewall. Its interface isn't too great, it's not complete, and of course on a Windows platform there is nothing stopping a malicious process from subverting the protection, but it's an interesting glimpse at the sort of thing we might need.

--
Andrew Clover
mailto:[EMAIL PROTECTED]
http://www.doxdesk.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
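The "pre-request each service and cope with refusal" model sketched above, as an added illustration that is not code from either poster and describes no real OS API: a hypothetical capability broker hands out unforgeable handles, refuses a request for any of the three reasons Andrew lists (system policy, user choice, user lacking the right), and a program derives its feature set from what it was actually granted rather than assuming it. Every name here (Broker, Capability, the service strings, the users and the consent callback) is an assumption made for the example.

```python
"""Capability broker sketch for the model discussed in the thread.
Added example; the names, service strings and sample policy are assumptions."""

import enum
from dataclasses import dataclass


class Outcome(enum.Enum):
    GRANTED = "granted"
    DENIED_POLICY = "denied: system policy forbids it"
    DENIED_RIGHTS = "denied: user does not hold that right"
    DENIED_USER = "denied: user declined"


@dataclass(frozen=True, eq=False)
class Capability:
    """Handle for one service. eq=False keeps identity-based hashing, so the
    broker can recognise only the objects it created; a program that builds
    its own Capability with the same fields still fails Broker.check."""
    service: str
    holder: str


class Broker:
    """Hypothetical trusted component that is the only issuer of capabilities."""

    def __init__(self, policy_deny, user_rights, consent):
        self._policy_deny = set(policy_deny)   # services no program may get at all
        self._user_rights = dict(user_rights)  # user -> set of services that user holds
        self._consent = consent                # callback(user, program, service) -> bool
        self._issued = set()                   # every Capability actually granted

    def request(self, user, program, service):
        # Order matters: policy is checked before the user is asked at all, and a
        # user who lacks the right cannot grant it (no rights amplification).
        if service in self._policy_deny:
            return Outcome.DENIED_POLICY, None
        if service not in self._user_rights.get(user, set()):
            return Outcome.DENIED_RIGHTS, None
        if not self._consent(user, program, service):
            return Outcome.DENIED_USER, None
        cap = Capability(service, program)
        self._issued.add(cap)
        return Outcome.GRANTED, cap

    def check(self, cap, service):
        """True only for a handle this broker issued, for this service."""
        return cap in self._issued and cap.service == service


def run_mail_client(broker, user, program="mailclient"):
    """Pre-request every service up front, then enable only the features whose
    capabilities were granted. Returns (per-service outcome, feature flags)."""
    wanted = ["net.smtp", "fs.read:~/Mail", "clipboard.read", "camera"]
    report, granted = {}, {}
    for svc in wanted:
        outcome, cap = broker.request(user, program, svc)
        report[svc] = outcome
        if cap is not None:
            granted[svc] = cap
    features = {
        "send": broker.check(granted.get("net.smtp"), "net.smtp"),
        "read_mail": broker.check(granted.get("fs.read:~/Mail"), "fs.read:~/Mail"),
        "paste": broker.check(granted.get("clipboard.read"), "clipboard.read"),
        "video": broker.check(granted.get("camera"), "camera"),
    }
    return report, features


def demo():
    """Constructed sample: policy forbids the camera outright, 'alice' holds
    SMTP, mail-folder and clipboard rights, 'guest' holds only the mail folder,
    and the user declines clipboard access when asked."""
    def consent(user, program, service):
        return service != "clipboard.read"

    broker = Broker(
        policy_deny={"camera"},
        user_rights={
            "alice": {"net.smtp", "fs.read:~/Mail", "clipboard.read"},
            "guest": {"fs.read:~/Mail"},
        },
        consent=consent,
    )
    return broker, run_mail_client(broker, "alice"), run_mail_client(broker, "guest")


if __name__ == "__main__":
    _, alice, guest = demo()
    for name, (report, features) in (("alice", alice), ("guest", guest)):
        print(name, {k: v.value for k, v in report.items()}, features)
```

The point of the ordering in Broker.request is that refusal reasons are not interchangeable: a policy denial never reaches the user, and a consent prompt is never shown for a right the user does not hold, so the prompt cannot be used to escalate. The identity-based check is a stand-in for the "faking the security interface" concern: a program can describe a capability, but only the broker can mint one.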