Re: which do you think can provide better protection against Trojan horses?

Hi,

which do you think can provide better protection against Trojan horses: Access Control Lists or Capabilities?

Capabilities.

ACLs work nicely for protecting users from each other. I can put an ACL
on my department's shared drive and stop outsiders from accessing it. I
can put another ACL on the managers' folder and keep non-managers out.

But when dealing with trojan horses, we have a different security
problem than protecting users from each other. We need to protect a user
from a malicious program running under their identity.

This is where ACLs break down, as the malicious program gets all the
same rights as the user.

However, in a capabilities model, each program would only get the
absolute minimum capabilities it needs to do its job and not all the
rights of a user. A trojan horse is better contained.

Paul

--
Pentest - When a tick in the box is not enough

Paul Johnston - IT Security Consultant / Tiger SST
Pentest Limited - ISO 9001 (cert 16055) / ISO 27001 (cert 558982)

Office: +44 (0) 161 233 0100
Mobile: +44 (0) 7817 219 072

Email policy: http://www.pentest.co.uk/legal.shtml#emailpolicy
Registered Number: 4217114 England & Wales
Registered Office: 26a The Downs, Altrincham, Cheshire, WA14 2PU, UK

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Relevant Pages

  • Re: about common group & user ID space (PR kern/14584)
    ... most security "extensions" I've seen contain relatively ... many applications exist that make strong ... permissions: uid 0 and the uid used to represent NOVAL in vop_setattr ... I should take a moment also to respond to your comments on ACLs. ...
    (FreeBSD-Security)
  • Re: how to run application(exe) in browser
    ... directories, etc., in the usual way we handle ACLs. ... Another ActiveX control that exists on my machine might NOT ... We have a whole security mechanism in the kernel which is ... COMPLETELY IGNORED by these kludges of scripting. ...
    (microsoft.public.vc.mfc)
  • Re: Security groups, ntfs access lists and active directory synchroniz
    ... You can get the SID of the security principal from AD by reading the ... if the %logonserver% is the same as the domain controller ... how can I force the windows service to use the same ... controller to resolve names to SID in order to use them with ACLs, ...
    (microsoft.public.dotnet.security)
  • RE: Cisco ACL Question
    ... It seems that you are on the right track in being interested in security. ... There are many ways to bypass ACLs, ... I have a question about the following inbound Cisco ACL entry... ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
    (Security-Basics)
  • RE: Unexpected PolicyException thrown on System config file
    ... you should not have to add the IIS account to the ACLS. ... If you have not modified any security policies pertaining to the .NET ... © 2002 Microsoft Corporation. ... | Content-Type: text/plain; ...
    (microsoft.public.dotnet.framework.aspnet.security)