RE: Kernel needs [was: SCO]

  • From: "Bell, John" <JBell@xxxxxxxxxxxx>
  • To: "'technocracy@xxxxxxxxxxxxxxxxx'" <technocracy@xxxxxxxxxxxxxxxxx>
  • Date: Fri, 14 Jul 2000 15:01:21 -0500

I already have a copy of NT...
--
JB

-----Original Message-----
From: Neil Doane [mailto:caine@xxxxxxxxxxxxxxxx]
Sent: Friday, July 14, 2000 3:58 PM
To: technocracy@xxxxxxxxxxxxxxxxx
Subject: Kernel needs [was: SCO]


* Steve Baker (ice@xxxxxxxxxxxxxxxxx) on [07-14-00 13:33] did utter:
> really, once you get down to it, a good VM, memory protection,
filesystems,
> networking and the like are all that really belong in the kernel 

I'm curious as to what people here think about integrated kernel-level 
security features like SecureBSD's MDA hash check-before-execute features or
the myriad kernel-level features of things like the Linux Intrusion
Detection System (www.lids.org) (send security alerts through network 
(mail/remote syslog/http POST) directly from kernel, or limiting access 
to raw devices or io ports to only pre-specified processes.)   I mean,
SecureBSD has a database of the checksums of every binary on its system
floating around in memory (I guess) and LIDS is implementing its own MTA 
_inside the kernel_ (among other things).  

Is this going overboard or not?  Opinions?




Neil




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~                  
       . /._ o /     --personal="caine@xxxxxxxxxxxxxxxx" 
      /|//- / /     --business="caine@xxxxxxxxxxx"
     / ''- / /__   --homepage="http://antediluvian.org/";
    '                                      
~~ http://angryflower.com/bobsqu.gif
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







Other related posts: