Re: A new kind of security needed



Matt Reimer wrote:

Is anyone else nervous trusting all his programs to have access to all
his files? Is there already a reasonable solution to this problem?

http://www.cis.upenn.edu/~KeyKOS/Confinement.html

http://cr.yp.to/qmail/qmailsec-20071101.pdf

Also: CapDesk, Bitfrost, systrace, EROS/Coyotos

In general, solutions have proven to be vaporware, very burdensome to use (systrace), or reduced in scope (Bernstein's single-source transforms). The success rate is not zero, though, and I too crave a solution...

_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"