cyber-"terrorism"?
Ben Laurie
ben at algroup.co.uk
Wed, 18 Sep 2002 18:59:35 +0100
Brian Gladman wrote:
>>Ben Laurie wrote:
>>
>>
>>>I think their point, and I'm inclined to agree, is that of the things
>>>you say we need to be secure, the least important is the trusted boot -
>>>and if I have a security kernel running, I need it even less.
>>
>>What exactly is a "secure kernel" here? How does it help?
>
>
> http://www.nsa.gov/selinux/
>
> I couldn't resist posting this link on ukcrypto!
FreeBSD 5 has similar stuff (TrustedBSD was rolled in recently, I
believe), and all the BSDs have systrace. And a pile of related things.
More secure is EROS (http://www.eros-os.org/).
And so on.
However, none of them solve buffer overflows. They just mitigate their
awfulness.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff