xml-dev - RE: [xml-dev] Managing Innovation

RE: [xml-dev] Managing Innovation

[ Lists Home | Date Index | Thread Index ]

To: Dare Obasanjo <dareo@microsoft.com>
Subject: RE: [xml-dev] Managing Innovation
From: Rich Salz <rsalz@datapower.com>
Date: Tue, 30 Sep 2003 22:15:38 -0400 (EDT)
Cc: "xml-dev@lists.xml.org" <xml-dev@lists.xml.org>
In-reply-to: <830178CE7378FC40BC6F1DDADCFDD1D1CEBBE6@RED-MSG-31.redmond.corp.microsoft.com>

SELinux is neat, but it's not a requirement, and doesn't invalidate
the fact that the basic Unix security model is good.  If you consider
doing the equivalent of adding SELinux to NT-based Windows, then you
end up on a machine without a local Administrator. I bet that machine
wouldn't run. :)  So ref [0] is either a point for Unix, or a wash.

As for ref [1], same argument.  The basic model is solid.  It is quite
reasonable to allocate system resources and then renounce privileges;
I'll point to my own Usenet/NNTP (INN) system as one good example.

> [0] http://www.nsa.gov/selinux/faq.html#I2
> [1] http://books.rsbac.org/unstable/x115.html

Still waiting for the punchline...
        /r$

--
Rich Salz                  Chief Security Architect
DataPower Technology       http://www.datapower.com
XS40 XML Security Gateway  http://www.datapower.com/products/xs40.html
XML Security Overview      http://www.datapower.com/xmldev/xmlsecurity.html

References:
- RE: [xml-dev] Managing Innovation
  - From: "Dare Obasanjo" <dareo@microsoft.com>

Prev by Date: RE: [xml-dev] Managing Innovation
Next by Date: RE: [xml-dev] Managing Innovation
Previous by thread: RE: [xml-dev] Managing Innovation
Next by thread: RE: [xml-dev] Managing Innovation
Index(es):
- Date
- Thread