From: don@research-cistw.saic.com (Don)
Subject: Re: NSA - Spook Linux
Date: Tue, 9 Jan 2001 18:30:29 -0800 (PST)
Next Article (by Date): Re: NSA - Spook Linux Amon Ott
Previous Article (by Date): Re: NSA - Spook Linux Stephen
Top of Thread: NSA - Spook Linux "Furmanek, Greg"
Next in Thread: Re: NSA - Spook Linux Amon Ott
Articles sorted by: [Date]
[Author]
[Subject]
Stephen Smalley <sds@tislabs.com> said: > In comparison to traditional lattice-based models like BLP and Biba, Type > Enforcement is better suited to providing integrity protection, especially I disagree. While forms of type enforcement are not the correct schema for an information flow model, there is surprising power in simply keeping compartments from interacting. My ramblings on the subject may be found at http://research-cistw.saic.com/cace/dte.html. You may remember me as the person who won in CTF server at Defcon last year for giving out rootshells on a linux box with DTE, an implementation I've written independantly. It's described at http://www.subterrain.net/~palante/defcon8.html. I'd be happy to discuss variations further... However I do agree with what you said about making applications unbypassable and tamperproof.. It is definately a strength. Ps the kernel oops I describe was an overflow due to some quirky behavior of the way I was doing things. Fortunately I fixed it *before* showing it off to the world... Tsk Tsk Tsk NSA.. - To unsubscribe from the rsbac list, send a mail to majordomo@rsbac.org with unsubscribe rsbac as single line in the body.
Next Article (by Date): Re: NSA - Spook Linux Amon Ott
Previous Article (by Date): Re: NSA - Spook Linux Stephen
Top of Thread: NSA - Spook Linux "Furmanek, Greg"
Next in Thread: Re: NSA - Spook Linux Amon Ott
Articles sorted by: [Date]
[Author]
[Subject]