Hi Mehmet,
Thank you for your suggestion to use IMA appraisal.
I'm sorry for the delay in replying to you. I'm studying IMA appraisal.
There is something I don't understand yet. Could you please teach me
the following items?
We assume that "fixing" has already finished and that IMA appraisal
is r
Casey Schaufler wrote:
> On 5/30/2017 4:11 AM, Masanobu Koike wrote:
> > WhiteEgret is an LSM to simply provide a whitelisting-type
> > execution control.
> >
> > An execution-whitelist, simply called whitelist, is a list
> > of executable components (e.g., applications, libraries)
> > that are app
> On Jun 3, 2017, at 10:21 PM, Peter Dolding wrote:
>
> On Thu, Jun 1, 2017 at 1:36 AM, Mehmet Kayaalp
> wrote:
>>
>>> On May 31, 2017, at 6:59 AM, Peter Dolding wrote:
>>>
>>> Number 1 we need to split the idea of signed and whitelisted. IMA is
>>> signed should not be confused with white
Quoting Peter Dolding (oia...@gmail.com):
> On Thu, Jun 1, 2017 at 1:35 AM, Serge E. Hallyn wrote:
> > Quoting Casey Schaufler (ca...@schaufler-ca.com):
> >>
> >>
> >> On 5/31/2017 3:59 AM, Peter Dolding wrote:
> >> > ...
> >> >
> >> > Like you see here in Australian government policy there is ano
On Thu, Jun 1, 2017 at 1:35 AM, Serge E. Hallyn wrote:
> Quoting Casey Schaufler (ca...@schaufler-ca.com):
>>
>>
>> On 5/31/2017 3:59 AM, Peter Dolding wrote:
>> > ...
>> >
>> > Like you see here in Australian government policy there is another
>> > thing called whitelisted.
>> > https://www.asd.g
On Thu, Jun 1, 2017 at 1:36 AM, Mehmet Kayaalp
wrote:
>
>> On May 31, 2017, at 6:59 AM, Peter Dolding wrote:
>>
>> Number 1 we need to split the idea of signed and whitelisted. IMA is
>> signed should not be confused with white-listed. You will find
>> policies stating whitelist and signed a
On Fri, Jun 2, 2017 at 10:00 PM, Casey Schaufler wrote:
> A 'user' attribute can be set by the file owner. A 'security'
> attribute requires privilege. SELinux and Smack use 'security'
> attributes to prevent users from mucking with them. You need
> to create module hooks for manipulating them,
On 6/2/2017 10:39 AM, Steve Kemp wrote:
>> Create a security module that looks for the attribute
> For what it is worth I thought this seemed like an interesting project
> for a beginner, so I did just that. I wrote up the experience here:
>
> https://blog.steve.fi/so_i_accidentally_wrote_a_linux
> Create a security module that looks for the attribute
For what it is worth I thought this seemed like an interesting project
for a beginner, so I did just that. I wrote up the experience here:
https://blog.steve.fi/so_i_accidentally_wrote_a_linux_security_module.html
In short it was a very s
> -Original Message-
>
> On Tue, May 30, 2017 at 08:11:57PM +0900, Masanobu Koike wrote:
> > An execution-whitelist, simply called whitelist, is a list
> > of executable components (e.g., applications, libraries)
> > that are approved to run on a host. The whitelist is used
> > to decide w
Quoting Casey Schaufler (ca...@schaufler-ca.com):
>
>
> On 5/31/2017 3:59 AM, Peter Dolding wrote:
> > ...
> >
> > Like you see here in Australian government policy there is another
> > thing called whitelisted.
> > https://www.asd.gov.au/publications/protect/top_4_mitigations_linux.htm
> > Matth
> On May 31, 2017, at 6:59 AM, Peter Dolding wrote:
>
> Number 1 we need to split the idea of signed and whitelisted. IMA is
> signed should not be confused with white-listed. You will find
> policies stating whitelist and signed as two different things.
IMA-appraisal can do both. If the s
On 5/31/2017 3:59 AM, Peter Dolding wrote:
> ...
>
> Like you see here in Australian government policy there is another
> thing called whitelisted.
> https://www.asd.gov.au/publications/protect/top_4_mitigations_linux.htm
> Matthew Garrett you might want to call IMA whitelisting Australian
> gove
On Wed, May 31, 2017 at 6:50 AM, Matthew Garrett wrote:
> On Tue, May 30, 2017 at 08:11:57PM +0900, Masanobu Koike wrote:
>> An execution-whitelist, simply called whitelist, is a list
>> of executable components (e.g., applications, libraries)
>> that are approved to run on a host. The whitelist i
On Tue, May 30, 2017 at 08:11:57PM +0900, Masanobu Koike wrote:
> An execution-whitelist, simply called whitelist, is a list
> of executable components (e.g., applications, libraries)
> that are approved to run on a host. The whitelist is used
> to decide whether executable components are permitted
On 5/30/2017 4:11 AM, Masanobu Koike wrote:
> WhiteEgret is an LSM to simply provide a whitelisting-type
> execution control.
>
> An execution-whitelist, simply called whitelist, is a list
> of executable components (e.g., applications, libraries)
> that are approved to run on a host. The whitelist
WhiteEgret is an LSM to simply provide a whitelisting-type
execution control.
An execution-whitelist, simply called whitelist, is a list
of executable components (e.g., applications, libraries)
that are approved to run on a host. The whitelist is used
to decide whether executable components are pe