http://www.usefulsecurity.com Solving real security problems that matter to real users Fri, 09 Nov 2007 01:16:17 +0000 http://backend.userland.com/rss092 en Here are a couple of examples of using sandboxes in Leopard. Both examples involve confining a test application that needs to read a file, but should not be able to write that file. I realize that this could be easily implemented with standard Discretionary Access Control (DAC) mechanisms, but this ... http://www.usefulsecurity.com/2007/11/apple-sandboxes-part-2/ Linux isn't the only operating system with activity in the enhanced access control department. Apple recently released Mac OS X 10.5 Leopard, which includes a new feature called a sandbox (or seatbelt, depending on where you're looking) as well. I delved into the sandbox mechanisms a bit and wanted to ... http://www.usefulsecurity.com/2007/11/apple-sandboxes-part-1/ I had the distinct opportunity to speak at the Montavista Vision conference about SELinux in embedded devices. I'd like to say thanks to all who attended my talk. A copy of the slides is available here. Thanks for all the questions. I hope I answered them to your satisfaction. Some of ... http://www.usefulsecurity.com/2007/10/montavista-vision-2007/ I'd like to say thanks to all who attended my talk at LinuxWorld. A copy of the slides is available here. I hope you enjoyed it and got a lot out of it. I just posted the second demo in full here, and I'll try to get the last one ... http://www.usefulsecurity.com/2007/08/linuxworld-07/ Problem While it is always preferable to keep confidential information such as customer records away from a website, that is often not feasible. This is especially true in ecommerce, but is true in other areas as well. In order to protect this information, most people will employ some sort of authentication ... http://www.usefulsecurity.com/2007/08/preventing-disclosure/ Problem Web applications can be a source of very frequent vulnerabilities. These vulnerabilities can stem from bugs in the program itself as well as the libraries and frameworks upon which it depends. These vulnerabilities are often used as the entry-point for an attacker to upload malicious software onto a system. This ... http://www.usefulsecurity.com/2007/08/vulnerable-web-applications/ Welcome to usefulsecurity.com. This blog is dedicated to providing tips, pointers, howtos, and other information on solving real security problems. Too often today security professionals come up with "solutions" that don't really help users solve their security problems. This stems from many reasons, including not understanding the problem correctly, not ... http://www.usefulsecurity.com/2007/08/useful-security/