Downgrading labels
Ilmar S. Habibulin
ilmar at watson.org
Tue Mar 29 07:35:20 GMT 2005
There is another one possibility to break mls/biba policies -- sometimes
programms contain buffer overuns, so they are vulnerable to buffer overun
attacks. And if we have loyal user with floating labels ability, he/she
can use vulnerable programm. Attacker can use buffer overun to
execute arbitrary code, which will be cause information downgrade without
legal user notice/will/etc. It is only a possibility, but this possibility
is not equal to zero. And one of MAC policies (especially biba and mls)
advantage compared to DAC is trojan horse protection.
I will be glad to hear that i'm wrong.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list