RE: Goal / Danger: Attack by malicious root

["Matthew Pemble" <mpemble@isintegration.com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Consider, for a moment, the irony here. 

For the record, the "boot from your own device" solution, I agree
with, as the only way of establishing trust in your OS (although
keystroke loggers that don't use OS functions, video capture devices
etc in tampered hardware can still get you).

Take a step back - we are assuming an attacker, whether a legitimate
holder of super-user privileges whom you do not want to have access
to your data or protection against an "Evil Minded Toad" who has
stolen root.  In the former case, limiting the privileges of the root
user through MAC is good protection (assuming you can generate or
request your own MAC labels and root is not the MAC privilege
assigner.)  In the latter case, if the lab environment allows you to
boot a CD, they don't need to "hack", they can craft a malicious
version of the OS and boot that.

You, a specialist user who reads a security mailing list may be safe,
but the vast majority of users will be at greater risk than if
booting from a CD was prevented.  Who are we trying to protect?  Us
or the normal user - consider, when your boss is writing your annual
report, will (s)he take these precautions.  Mine won't.

Matthew Pemble, Principal Consultant, IS Integration,
Preston Technology Management Centre, Marsh Lane, PRESTON,
Lancashire, PR1 8UD

Tel: +44 (0)1324 820690  Fax: +44 (0)1324 826034

Head Office: 
Tel: +44 (0)1772 885850  Fax: +44 (0)1772 558881
Mobile: +44 (0)7050 128620
Mailto:mpemble@isintegration.com  Web: http://www.isintegration.com

This email and any files transmitted with it are confidential and
intended
solely for the use of the individual or entity to whom they are
addressed.
If you have received this email in error please notify your system
manager
or IS Integration Limited on +44 (0) 1772 885850

Any Views expressed in this e-mail message are those of the
individual
sending the message, except where the sender specifically states them
to be
the views of IS Integration Limited. 

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOmQOhGrvMjpl5yaUEQLQwQCgjiquMMxqV4j54RiMZF0kptVtl2sAoOQm
NmCkT9tsDvLjwn6OyNGlMAlF
=/MHf
-----END PGP SIGNATURE-----


--
You have received this message because you are subscribed to the selinux list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.