Linked by David Adams on Fri 10th Jun 2005 15:25 UTC, submitted by tm
Bugs & Viruses Many virus attacks aren't really exploiting weaknesses in your operating sytem: they're simply tricking you into telling the OS to do things that it shouldn't do. The OS is just doing its job, executing code when you say so. Researchers at HP Labs are working on a solution to this problem using the Principle of Least Authority, or POLA -- "limiting the rights of each program to only the ones needed for the job the user wants done"
Permalink for comment
To read all comments associated with this story, please click here.
by netpython on Fri 10th Jun 2005 16:03 UTC

In theory it sounds all promising.Often ironically with the introduction of such mechanisms additional attack vectors are introduced.Eg:"2004-05-13 - Systrace Local Root on NetBSD
A bug in systrace_exit() on NetBSD-current can be exploited to get local root privileges. Update your kernel if you are are running NetBSD-current." Or the infamous w3k /GS compiler switch,who should protect against stack smashing but de facto created an extra vector.