[Cryptography] North Korea and Sony

[Tom Mitchell]

On Sat, Dec 13, 2014 at 5:19 AM, Jerry Leichter <leichter at lrw.com> wrote:

> On Dec 12, 2014, at 6:31 PM, Bill Frantz <frantz at pwpconsult.com> wrote:
> >> BTW, it's this repurposing of the user ID mechanism that makes it
> complicated to support multiple users on devices running these OS's.
> >
> > I think Polaris dynamically added UserIDs as needed. I don't see how
> that would interfere with having two or more users on a machine, as long as
> the "real" users had different names from the shadow IDs, and that could be
> done with a naming convention.
> You end up with a user id for every user/program pair, as you certainly
> don't want to move inter-user controls into each program.  With only a
> single user, the classic suid mechanism grants the right access to a
> program while it's running; with multiple users, you'll need something more
> elaborate.
>
> Certainly not impossible, just much more complicated.
>

We should include group IDs as well as the SELinux labels.

The nice thing about GIDs is that they can be shared and
a user and process can have multiple groups.

SELinux: Contexts and labels, is under appreciated especially
when combined with data files and SGID and SUID flags on
executables.

I suspect the necessary tools are present but the difficult policy
decisions that plague all security systems are wanting.

See also "Smack"   http://en.wikipedia.org/wiki/Smack_%28software%29
Smack is the main access control mechanism for the MeeGo mobile Operating
System.[3][4] It is also used to sandbox HTML5 web applications in the
Tizen architecture,[5] in the commercial Wind River Linux solutions for
embedded device development,[6][7] and in Philips Digital TV products.[8]




-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141213/bbb7f356/attachment.html>