Re: LIDS 2.2.0rc1 for kernel 2.6.6 is out

From: Crispin Cowan (crispin@private)
Date: Sun Jun 13 2004 - 11:20:13 PDT

  • Next message: Yuan Chunyang: "a question about coming from security_socket_getpeersec ?"

    Michael Dean wrote:
    
    > could you explain to me, simply, the advantages of lids over selinux?  
    > Thanks
    
    For a substantial treatment on the relative merits of a broad selection 
    of intrusion prevention technologies, including several LSM packages 
    (SELinux, DTE, and SubDomain) consider this book chapter:
    
        "Survivability: Synergizing Security and Reliability". Crispin
        Cowan. Book chapter in "Advances in Computers", Marvin V. Zelkowitz
        editing, Academic Press, 2004.  Buy "Advances in Computers" 60 here
        <http://www.elsevier.com/wps/find/bookdescription.cws_home/702750/description>.
        Chapter here PDF <http://immunix.com/%7Ecrispin/survivability.pdf>.
    
    Unfortunately, the chapter does not specifically address LIDS. LIDS 
    borrows some design elements from SubDomain (modeling access control on 
    relating programs to accesses instead of users) but inverts it: 
    SubDomain specifies the files a program can access, while (IIRC) LIDS 
    specifies the programs that may access a file.
    
    I don't know where the notion of listing the files that a program may 
    access came from. It has antecedents in Janus (Goldberg, Wagner, Thomas, 
    and Brewer, USENIX Security 1996) and TRON (Bermin, Bourassa, and 
    Selberg, USENIX 1995).
    
    The latter concept of listing the programs that may access a file was 
    originally introduced in the PACLs (Program Access Control Lists) paper 
    in 1990:
    
    @inproceedings{
        pacl90,
        author = "D.R. Wichers and D.M. Cook and R.A. Olsson and J.
            Crossley and P. Kerchen and K. Levitt and R. Lo",
        title = "{PACL's: An Access Control List Approach to Anti-viral
            Security}",
        booktitle = "Proceedings of the 13th National Computer Security 
    Conference",
        address = "Washington, DC",
        pages = "340--349",
        month = "October 1-4",
        year = 1990
    }
    
    Which of these concepts is "better" depends on what you are trying to 
    assure.
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
    CTO, Immunix          http://immunix.com
    



    This archive was generated by hypermail 2b30 : Sun Jun 13 2004 - 11:21:08 PDT