Many virus attacks aren’t really exploiting weaknesses in your operating system: they’re simply tricking you into telling the OS to do things that it shouldn’t do. The OS is just doing its job, executing code when you say so. Researchers at HP Labs are working on a solution to this problem using the Principle of Least Authority, or POLA — “limiting the rights of each program to only the ones needed for the job the user wants done.”
At least the gist of it?
Yup, they saw grsecurity, selinux, pam, then they do their own, patent it, licence to the masses, profit upon.
or systrace in NetBSD.
I would have thought a usable would first appear for Open Source software. Microsoft don’t want to do it, so it is incredible that HP can make it happen for software they don’t even have the source for.
There is _no_ system that implements this at the desktop level at the moment. selinux only covers administrative tasks, and does not protect one program/file from another.
There is a lot of talk about making dbus the default security mechanism for programs for mozilla and gnome, but it hasn’t changed much yet.
The easiest way is still to make a new user for every file you open. With a little script it is very easy to create a new user, copy the file, and open it as that user in Linux. It practically gives you the same as this method.
> There is a lot of talk about making dbus the default
> security mechanism for programs for mozilla and gnome,
> but it hasn’t changed much yet.
DBUS is a communications API not a security system.
Rich.
In theory it all sounds promising. Often, ironically, with the introduction of such mechanisms additional attack vectors are introduced. E.g.: “2004-05-13 – Systrace Local Root on NetBSD
A bug in systrace_exit() on NetBSD-current can be exploited to get local root privileges. Update your kernel if you are running NetBSD-current.” Or the infamous w3k /GS compiler switch, which should protect against stack smashing but de facto created an extra vector.
This software is actually called Polaris, and it’s really quite cool. You can read up on it at http://www.hpl.hp.com.nyud.net:8090/personal/Alan_Karp/polaris.pdf
I believe that the project is associated with the work done on the E language at http://www.erights.org
does anyone know if there is a (working) kernel/security event log mechanism for linux and *bsd that is like the solaris BSM?
openbsm isn’t in a working state yet.
searches only show old outdated linux modules.
“Many virus attacks aren’t really exploiting weaknesses in your operating system: they’re simply tricking you into telling the OS to do things that it shouldn’t do.”
There are many ways virus writers exploit weaknesses in system design:
** Remember the attachments that Outlook would execute automatically? If that wasn’t a system weakness, what is?
** Crummy software management that permits malware to install itself in a way that it becomes hard to dislodge. Write an OS where software cannot hide. No registry; a mandatory install log that allows the OS to remove any file that came with the install, no matter where it went; a strict system for programs that can launch at startup; etc.
** The OS should recognize how an executable entered the system and react accordingly. If the file came by a channel that is typical for malware (e-mail, IM), the OS should ask that extra question on install.
“** The OS should recognize how an executable entered the system and react accordingly. If the file came by a channel that is typical for malware (e-mail, IM), the OS should ask that extra question on install.”
Asking users “if they are sure” is silly.
You could pop up 100 “are you sure?” messages and still the user would just click through them all.
Protecting one’s computer from ‘virus’ attack is rather simple. Run as a low privilege user and just don’t run untrusted executables.
is there a simple method to know what executable files(.exe) have been downloaded in my pc after a day’s work?
thanks
“There are many ways virus writers exploit weaknesses in system design: ”
Yep. We keep this Windows box patched religiously and have Symantec AntiVirus Corporate Edition, and things still get through even without clicking on attachments in email and without visiting porn sites and such. One gets tired of constantly being under siege from malware.
“There are many ways virus writers exploit weaknesses in system design”
Yep. We keep this machine patched religiously and run Symantec AntiVirus, and malware still gets through. This is without clicking on any email attachments or visiting porn sites. One gets tired of being under siege from malware.
Now research centers lag against even OSS software (which some people tend to call uninnovative and catching last).
That’s just cool, they finally started researching things SELinux is doing for quite some time.
And, well, Java doing for like a DECADE. Check java security system, it’s exactly about that!
Of course, I understand, innovation ‘happens’ only when brought on windows. What a mess! Windows morons.
“The result: Standard programs, like Microsoft Word, are limited so that they can edit the document you have open and nothing else.”
Did these guys hear about Word macro viruses? That type of virus which only “edits” the document you have open and nothing else.
> There is _no_ system that implements this at the desktop
> level at the moment. selinux only covers administrative tasks,
> and does not protect one program/file from another.
do you really understand selinux???? i doubt that.
>is there a simple method to know what executable files(.exe)
>have been downloaded in my pc after a day’s work?
There are programs like Tripwire which’ll alert you whenever there are changes to your machine’s filesystems.
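The baseline-and-compare idea behind that suggestion, as an added example that is not part of the original comments: snapshot a directory tree at the start of the day, snapshot it again later, and report files that are new or changed and begin with the Windows executable magic bytes `MZ`, so a renamed executable is still caught. The function names and the sample files in the demo are constructed for illustration.

```python
import hashlib
import os

def is_pe(path):
    """True if the file starts with 'MZ', the magic of Windows executables."""
    try:
        with open(path, "rb") as f:
            return f.read(2) == b"MZ"
    except OSError:
        return False

def snapshot(root):
    """Map every regular file under root to its SHA-256 digest."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            digest = hashlib.sha256()
            try:
                with open(path, "rb") as f:
                    for chunk in iter(lambda: f.read(65536), b""):
                        digest.update(chunk)
            except OSError:
                continue  # unreadable file: leave it out of the snapshot
            state[path] = digest.hexdigest()
    return state

def new_executables(baseline, current):
    """Paths that are new or changed since the baseline and look like PE files."""
    changed = [p for p, d in current.items() if baseline.get(p) != d]
    return sorted(p for p in changed if is_pe(p))

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as root:  # constructed sample tree
        morning = snapshot(root)
        with open(os.path.join(root, "photo.jpg"), "wb") as f:
            f.write(b"MZ\x90\x00 constructed sample, not a real binary")
        with open(os.path.join(root, "notes.txt"), "wb") as f:
            f.write(b"plain text")
        for path in new_executables(morning, snapshot(root)):
            print("new or changed executable:", path)
```

Checking file content rather than the `.exe` extension matters because a downloaded executable can carry any name.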
So they are implementing Niels Provos’ idea of a firewall/control of what system calls a program can do? Been done for years and it’s running on OpenBSD already.
Protection systems like this have been around for a long time. The first example I know of is “TRON” from 1995 (http://www.selberg.org/~speed/papers/tron/tron/tron.html).
The problem is not the protection mechanisms, but how to make them easy to administer for the admins and users. If the users have to struggle to make things work, they will rather suffer from the occasional virus.
What is needed is a system, on the OS level, which can manage installation of programs, and the assignment of privileges/capabilities to these programs. When the protection mechanisms are easy to use they will be widespread.
Did these guys hear about Word macro viruses? That type of virus which only “edits” the document you have open and nothing else.
Hence the term “Principle of Least Authority”. Would you rather have your Word documents “edited” or the whole user home/harddrive? Your Word documents would qualify for the “least authority” criteria. Your Word program wouldn’t really be that usable if it could not edit Word files…