jmjonesat_private wrote:

> On 21 Jul 2001, David Wagner wrote:
>
> > Jesse Pollard wrote:
> > >All of the systems I've used have MAC evaluated before DAC. [...]
> > >It's also a bit more efficient for denial - [...]
> >
> > Why does the efficiency of denied requests matter?
> > I couldn't think of any reason why we would want to optimize
> > the performance of illegal operations. What am I missing?
>
> My thinking is that it doesn't matter. If you want to refuse, the
> cost really doesn't matter. HOWEVER, the cost of DETECTING a refusal
> (before it is decided) is significant and should be minimized.

Actually, there is some quite interesting research into the idea that if an application does too many weird things (such as accesses that get denied) the OS should start slowing the application down. If the OS applies exponential slowdown, then the occasional "oops" doesn't impact legitimate apps, but a determined effort to find a hole results in the application slowing to a crawl. Work by Anil Somayaji http://www.cs.unm.edu/~soma/pH/

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
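The exponential slowdown described in the message above, as an added sketch that is not part of the original post and is not pH's code: each task remembers which of its last operations were denied and is delayed in proportion to 2 raised to that count. The window size, delay unit, cap and all names (`task_throttle`, `throttle_record`, `simulate`) are assumptions made for illustration, and the two workloads are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define WINDOW        128  /* recent operations remembered per task (assumed) */
#define BASE_DELAY_US 10   /* delay unit in microseconds (assumed) */
#define MAX_SHIFT     20   /* cap on the exponent so the delay stays bounded */

struct task_throttle {
    uint8_t  denied[WINDOW];   /* ring buffer: 1 if that operation was denied */
    unsigned head;             /* next slot to overwrite */
    unsigned recent_denials;   /* number of 1s currently in the ring */
};

/* Record one access decision and return the delay (in microseconds) to impose
 * on the task: BASE_DELAY_US * 2^recent_denials, or 0 while the window is clean. */
uint64_t throttle_record(struct task_throttle *t, int was_denied)
{
    t->recent_denials -= t->denied[t->head];      /* oldest entry ages out */
    t->denied[t->head] = was_denied ? 1 : 0;
    t->recent_denials += t->denied[t->head];
    t->head = (t->head + 1) % WINDOW;

    if (t->recent_denials == 0)
        return 0;
    unsigned shift = t->recent_denials > MAX_SHIFT ? MAX_SHIFT
                                                   : t->recent_denials;
    return (uint64_t)BASE_DELAY_US << shift;
}

/* Total delay over `ops` operations when every `deny_every`-th one is denied. */
uint64_t simulate(unsigned ops, unsigned deny_every)
{
    struct task_throttle t = {0};
    uint64_t total = 0;
    for (unsigned i = 1; i <= ops; i++)
        total += throttle_record(&t, deny_every && i % deny_every == 0);
    return total;
}

int main(void)
{
    /* Constructed workloads: a stray denial every 500 ops vs. every 4th op denied. */
    printf("occasional oops: %llu us\n", (unsigned long long)simulate(1000, 500));
    printf("probing:         %llu us\n", (unsigned long long)simulate(1000, 4));
    return 0;
}
```

Because old denials age out of the window, the task with the occasional "oops" returns to zero delay, while the probing task sits at the capped delay on every operation.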
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 23:52:25 PDT