http://www.chrishowie.com/2006/12/31/linux-jailer/ Trading social skills for technical prowess since 1994 Tue, 06 Jan 2009 12:43:16 +0000 http://wordpress.org/?v=2.7 hourly 1 http://www.chrishowie.com/2006/12/31/linux-jailer/comment-page-1/#comment-3014 Chris Tue, 16 Oct 2007 16:17:53 +0000 http://www.chrishowie.com/2006/12/31/linux-jailer/#comment-3014 Not really like a Mac, no. I don't recall seeing any Mac that can prompt you for permission whenever any program wants access to a file in a certain directory, for example. The control is much more fine-grained. Not really like a Mac, no. I don’t recall seeing any Mac that can prompt you for permission whenever any program wants access to a file in a certain directory, for example. The control is much more fine-grained.

]]> http://www.chrishowie.com/2006/12/31/linux-jailer/comment-page-1/#comment-2995 Dan McCullum Tue, 16 Oct 2007 03:09:15 +0000 http://www.chrishowie.com/2006/12/31/linux-jailer/#comment-2995 Kind of like a Mac, eh? Kind of like a Mac, eh?

]]> http://www.chrishowie.com/2006/12/31/linux-jailer/comment-page-1/#comment-1300 Chris Mon, 13 Aug 2007 14:08:07 +0000 http://www.chrishowie.com/2006/12/31/linux-jailer/#comment-1300 You wouldn't easily be able to prevent code specifically designed to bypass the library. It's more intended to provide a quick preview of the system and to secure programs that are well-intended (e.g. your web browser) but that you want more control over. You wouldn’t easily be able to prevent code specifically designed to bypass the library. It’s more intended to provide a quick preview of the system and to secure programs that are well-intended (e.g. your web browser) but that you want more control over.

]]> http://www.chrishowie.com/2006/12/31/linux-jailer/comment-page-1/#comment-1272 Christian J. Sat, 11 Aug 2007 17:19:19 +0000 http://www.chrishowie.com/2006/12/31/linux-jailer/#comment-1272 And how would you prevent the program from removing the preload hooks, remapping the preload library readwrite and change it's code, calling the kernel directly w/o going through libc etc.? And how would you prevent the program from removing the preload hooks, remapping the preload library readwrite and change it’s code, calling the kernel directly w/o going through libc etc.?

]]> http://www.chrishowie.com/2006/12/31/linux-jailer/comment-page-1/#comment-415 chrishowie.com » Blog Archive » The Fuzz Wed, 10 Jan 2007 18:49:03 +0000 http://www.chrishowie.com/2006/12/31/linux-jailer/#comment-415 [...] I wrote a while ago about an idea to jail a Linux process, and a few nights ago I finally realized how I would implement it: D-Bus. A security manager installs itself in a well-known location on the session bus, and programs that know about it use it to request authorization before performing actions. I’m calling the D-Bus specification “Fuzz” for now. [...] [...] I wrote a while ago about an idea to jail a Linux process, and a few nights ago I finally realized how I would implement it: D-Bus. A security manager installs itself in a well-known location on the session bus, and programs that know about it use it to request authorization before performing actions. I’m calling the D-Bus specification “Fuzz” for now. [...]

]]>