> It's not a user/account ptracing his own programs. It's a *program* ptracing other programs.
A program by necessity runs with some user account credentials. My point is that it's useful to look at security at the boundaries between accounts, but looking at security at the boundaries between processes in the same account (SELinux aside) is futile and dangerous.
Posted Feb 12, 2012 4:54 UTC (Sun) by zooko (subscriber, #2589)
The Capsicum project, now deployed in FreeBSD (https://plus.google.com/108313527900507320366/posts/8S1HF... ) seems to be offering a way to encapsulate your code so that if there is a bug in your code which allows it to be taken over by an attacker, it is still limited in the amount of damage it can do. The tricky part is to achieve this while not limiting the amount of good it can do when it is behaving properly. Capsicum sounds like a promising approach to that.
One good argument for enforcing security boundaries between programs (when possible) is the topic of the original story here: it is what users and programmers expect! Security mechanisms work best when they do what users and programmers think they do.
There's apparently no reason in principle that Capsicum couldn't be ported to Linux.
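As an added illustration of the encapsulation zooko describes (this is example code written for this page, not code from the thread or from the Capsicum project), the small FreeBSD program below opens one directory before sandboxing, cuts that descriptor down to read-only lookups with cap_rights_limit(), and then calls cap_enter(). Once in capability mode, open() on any path fails with ECAPMODE, while openat() through the retained descriptor still works for reading and is refused with ENOTCAPABLE for writing. It assumes FreeBSD 11 or later with /etc/hosts present; the #ifdef fallback only lets it compile on other systems, where it reports that Capsicum is unavailable.

```c
/* Capsicum capability-mode demonstration (added example, not project code).
 * FreeBSD 11+ only; on other platforms capsicum_demo() returns DEMO_NO_CAPSICUM. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#ifdef __FreeBSD__
#include <sys/capsicum.h>
#endif

/* Result codes returned by capsicum_demo(). */
enum { DEMO_NO_CAPSICUM = -1, DEMO_FAILED = 0, DEMO_OK = 1 };

/* Returns DEMO_OK when, inside capability mode, a global-path open() is
 * refused with ECAPMODE, a read-only openat() through the pre-opened
 * directory still succeeds, and a write-mode openat() through it is refused
 * with ENOTCAPABLE.  Returns DEMO_FAILED if the sandbox did not behave that
 * way, DEMO_NO_CAPSICUM on platforms without Capsicum.  Call it once: after
 * cap_enter() the process stays in capability mode for good. */
int capsicum_demo(void)
{
#ifdef __FreeBSD__
    cap_rights_t rights;
    int dirfd, fd;

    /* Acquire the one directory the sandboxed code will need before entering
     * capability mode: descriptors held now are the only file-system handles
     * that remain usable after cap_enter(). (/etc is assumed to exist.) */
    dirfd = open("/etc", O_RDONLY | O_DIRECTORY);
    if (dirfd < 0)
        return DEMO_FAILED;

    /* Reduce the descriptor to the rights actually needed: looking up and
     * reading files beneath it.  CAP_WRITE is deliberately left out. */
    cap_rights_init(&rights, CAP_LOOKUP, CAP_READ, CAP_FSTAT);
    if (cap_rights_limit(dirfd, &rights) < 0)
        return DEMO_FAILED;

    /* Enter capability mode: global namespaces (paths, PIDs, addresses)
     * are unreachable from here on, only existing descriptors remain. */
    if (cap_enter() < 0)
        return DEMO_FAILED;

    /* An absolute path must now be refused with ECAPMODE. */
    if (open("/etc/hosts", O_RDONLY) != -1 || errno != ECAPMODE)
        return DEMO_FAILED;

    /* The retained, rights-limited descriptor still allows read access. */
    fd = openat(dirfd, "hosts", O_RDONLY);
    if (fd < 0)
        return DEMO_FAILED;
    close(fd);

    /* Opening for writing exceeds the descriptor's rights: ENOTCAPABLE. */
    if (openat(dirfd, "hosts", O_WRONLY) != -1 || errno != ENOTCAPABLE)
        return DEMO_FAILED;

    close(dirfd);
    return DEMO_OK;
#else
    return DEMO_NO_CAPSICUM;
#endif
}

int main(void)
{
    int r = capsicum_demo();

    if (r == DEMO_NO_CAPSICUM)
        puts("Capsicum is not available on this platform");
    else
        puts(r == DEMO_OK ? "capability mode behaved as expected"
                          : "unexpected sandbox behaviour");
    return r == DEMO_FAILED;
}
```

Build and run on FreeBSD with `cc -o capdemo capdemo.c && ./capdemo`. The point the thread is making is visible in the two openat() calls: the same process that can no longer name any file by path can still do exactly the reading it was set up to do, and nothing more.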