[Dailydave] Is Windows Integrity Control in Vista really worth the performance hit? And does it really work?
Rodrigo Rubira Branco (BSDaemon)
rodrigo at kernelhacking.com
Thu Mar 1 14:12:41 EST 2007
Hello Steve, tks for your reply!
> Any kernel exploit that allows writing to arbitrary kernel memory can
potentially defeat any kernel protection mechanism.
Sure, but i dont like any in the keyword... when you have pax + stmichael
you dont just need arbitrary kernel writting but also multiple writes and
lots of things to discover...
> We got eal4+ without SE Linux as part of the eval.
Yeah, it depends of the TE of the certification, the new level and TE is
really dependent of selinux... in any way i have said about eal4+ just
because i seen in this link
http://www.internetnews.com/security/article.php/3551616
> > using the LSM framework... its more bugged than great (who don´t
agree with me??).
>
> I don't agree with you. I don't have any bug report in our bugzilla that
is traced to the kernel implementation.
Its a design error, not necessarily implementation one... because that we
see lots of discussion regarding how to remove it ;) I dont like so many
exported hooks in my kernel... in any way I wanna know your opinion about
another point that is learning-mode systems... i have a discussion about
that with Joshua in the past, but no conclusions...
cya,
Rodrigo (BSDaemon).
--
http://www.kernelhacking.com/rodrigo
Kernel Hacking: If i really know, i can hack
GPG KeyID: 5E90CA19
________________________________________________
Message sent using UebiMiau 2.7.2
More information about the Dailydave
mailing list