From: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
To: Chris Babcock <cbabcock@luthresearch.com>
Cc: mayerf@tresys.com, "'SELinux List'" <selinux@tycho.nsa.gov>
Subject: Re: FW: XP as a base for NetTop
Date: Sat, 29 May 2004 15:26:49 +0000 [thread overview]
Message-ID: <20040529152649.GA2569@lkcl.net> (raw)
In-Reply-To: <1985.68.6.187.64.1085615340.squirrel@mxlx1.surveysavvy.com>
On Wed, May 26, 2004 at 04:49:00PM -0700, Chris Babcock wrote:
> > Stephen Smalley wrote:
> >> Looks like Microsoft is indeed pushing an XP-based NetTop
> >> called Trusted Multi-Net/Typhon XP, e.g.:
> >>
> >> http://www.computerweekly.com/Article123730.htm
> >>
> > http://download.microsoft.com/download/4/f/8/4f89f896-f020-46d1-adc0-08a18c8432d
> > 5/Trusted%20Multi-Net%20for%20SSE%202003.ppt
> >
>
> Interesting.
>
> The slides indicate that in their system threads are able to change what
> context they run in.
>
> It makes me wonder if they have some magic to prevent threads from
> polluting shared data (unlikely), or if it is just a hack to avoid process
> vs. thread design issues on windows.
NT's security model uses DCE/RPC applications to compartmentalise
pretty much everything.

the creation of new processes therefore takes a stunningly long time
(relatively speaking) due to having to go in and out of another
application in order to vet the user's access rights.

the advantage is that process creation can in theory be vetted
and controlled by a remote and centralised NT "primary domain
controller", with the obvious implications:

1) you always have to have a connection to \\yourpdc\PIPE\NETLOGON

2) process creation could be severely delayed if that connection is
disrupted.

consequently, to avoid any significant delays, threading is highly
recommended in NT "services".

i presume that it is possible to cache security contexts and then
make a rapid switch to them?

makes me wonder why they didn't do the same sort of thing for processes.

oh well.

l.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.