Linked by David Adams on Fri 10th Jun 2005 15:25 UTC, submitted by tm
Bugs & Viruses Many virus attacks aren't really exploiting weaknesses in your operating sytem: they're simply tricking you into telling the OS to do things that it shouldn't do. The OS is just doing its job, executing code when you say so. Researchers at HP Labs are working on a solution to this problem using the Principle of Least Authority, or POLA -- "limiting the rights of each program to only the ones needed for the job the user wants done"
Permalink for comment
To read all comments associated with this story, please click here.
Incredible
by Anonymous on Fri 10th Jun 2005 15:45 UTC

I would have thought a usable would first appear for Open Source software. Microsoft don't want to do it, so it is incredibly that HP can make it happen for software they don't even have the source for.

There is _no_ system that implements this at the desktop level at the moment. selinux only cover administrative task, and does not protect one program/file from another.

There is a lot of talk about making dbus the default security mechanism for programs for mozilla and gnome, but it haven't changed much yet.
The easiest way is still to make a new user for every file you open. With a little script it is very easy to create a new user, copy the file, and open it as that user in Linux. It practically gives you the same as this method.