Quoting Niki Rahimi <narahimiat_private>: > dlambrouat_private wrote: > > >Just a quick question on the following rule: > >2. Trusted user, untrusted path = User is able to run the executable > > >1. Untrusted path contains untrusted code > >2. Trusted user has higher priviledges than untrusted > >3. Finally an untrusted user places an untrusted > >file into an untrusted path, > >and what you get is an untrusted application (Trojan) to be executed by a > >trusted user! > > dlambrou, > What was your questions, exactly? I see your point and will make note. The > module can solve certain scenarios and the rest could be approached in > other ways. Question I have, how to approach said situation? > Maybe : 2. Trusted user, untrusted path = User is NOT able to run the executable ?? > Thanks, > Niki > > > Niki A. Rahimi > LTC Security Development > narahimiat_private > (512)838-5399 > > > --------------------------------------------------------- Demetrios Lambrou http://crazylinux.net You can always get my public key block from http://crazylinux.net/public.asc Fingerprint: C7B3 A112 3704 7202 2B33 6B28 5418 78DD 774A 7BCB _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed May 14 2003 - 11:38:34 PDT