* dlambrouat_private (dlambrouat_private) wrote: > Just a quick question on the following rule: > 2. Trusted user, untrusted path = User is able to run the executable > > 1. Untrusted path contains untrusted code > 2. Trusted user has higher priviledges than untrusted > 3. Finally an untrusted user places an untrusted > file into an untrusted path, > and what you get is an untrusted application (Trojan) to be executed by a > trusted user! IIRC trusted user in this case essentially means can run arbitrary (potentially untrusted) code. IOW, the trusted user list should have no users in it by default, and is a mechanism to selectively turn off TPE. I'll have to go back and read about the older implementations though. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed May 14 2003 - 11:40:58 PDT