Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook

From: Valdis . Kletnieks
Date: Fri Jun 01 2007 - 13:44:52 EST

Next message: Andi Kleen: "Re: [patch 2/9] Conditional Calls - Hash Table"
Previous message: Jeff Garzik: "Re: Linux v2.6.22-rc3"
In reply to: Pavel Machek: "Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook"
Next in thread: david: "Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSMhook"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 24 May 2007 14:47:27 -0000, Pavel Machek said:
> Yes, if there's significantly more remote bad guys than local bad
> guys, and if remote bad guys can't just get some local user first, AA
> still has some value.

Experience over on the Windows side of the fence indicates that "remote bad
guys get some local user first" is a *MAJOR* part of the current real-world
threat model - the vast majority of successful attacks on end-user boxes these
days start off with either "Get user to (click on link|open attachment)" or
"Subvert the path to a website (either by hacking the real site or hijacking
the DNS) and deliver a drive-by fruiting when the user visits the page".

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Andi Kleen: "Re: [patch 2/9] Conditional Calls - Hash Table"
Previous message: Jeff Garzik: "Re: Linux v2.6.22-rc3"
In reply to: Pavel Machek: "Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook"
Next in thread: david: "Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSMhook"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]