A new kind of security needed
Chris Palmer
chris at noncombatant.org
Thu Jul 17 02:36:05 UTC 2008
Matt Reimer wrote:
> Is anyone else nervous trusting all his programs to have access to all
> his files? Is there already a reasonable solution to this problem?
http://www.cis.upenn.edu/~KeyKOS/Confinement.html
http://cr.yp.to/qmail/qmailsec-20071101.pdf
Also: CapDesk, Bitfrost, systrace, EROS/Coyotos
In general, solutions have proven to be vaporware, very burdensome to use
(systrace), or reduced in scope (Bernstein's single-source transforms). The
success rate is not zero, though, and I too crave a solution...
More information about the freebsd-security
mailing list