On Thu, 02 Sep 2010 20:47:03 +0200, Pavel Kankovsky said:
> On Tue, 31 Aug 2010 Valdis.Kletnieks@xxxxxx wrote:
>
> > Only if your OS's security model understands the fact that executable
> > code and data belong in different security domains and thus different
> > rules should apply about what files to "trust" in each category.
>
> If your OS's security model "understands" programs and data belong in
> different security domains then every instruction of code on your computer
> is trusted to enforce that policy. Your line of defence goes through every
> program and any bug can breach it. The failure is inevitable. [1]
>
> [1] P. A. Loscocco, S. D. Smalley, P. A. Muckelbauer, R. C. Taylor,
> S. J. Turner and J. F. Farrell, "The Inevitability of Failure: The Flawed
> Assumption of Security in Modern Computing Environments", In Proceedings
> of the 21st National Information Systems Security Conference, 1998,
> pp. 303--314
> <http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.117.5890>

Yeah, but hacking a Harvard architecture is still balls harder than hacking
a von Neumann architecture. ;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/