Executable Documents and the Case for AppArmor

Chat about just about anything else

Executable Documents and the Case for AppArmor

Postby mike acker on Wed Jul 02, 2014 7:11 am

Yesterday there was this article about visual basic used as a virus vehicle in Word . and from earlier we remember how an infected flash object in an excel spreadsheet was used to effect the RSA hack

if you think of your computer as a castle with the kernel being the Keep of the Castle -- and the various application regions being the "Towers" you see that when this mechanism is operating properly a hacker can't get into the "Keep" -- nor can he get from one "Tower" to another...

...unless someone opens one of these executable documents: all the Towers belong to the same King: you. And they all use the same credentials: yours: the ones you logged on with.

what this means: if the Lord of the North Tower opens an infected executable document he now has access to all the same directories that the other Towers have.

back to reality: If you have access to (e.g.) PeopleSoft and you open an infected document in e/mail that infected document can now access PeopleSoft. This is the case for AppArmor: you should access PeopleSoft ONLY with the PeopleSoft app. software. AFAIK this can only be defined using AppArmor.
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 362
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Linux Mint is funded by ads and donations.
 

Re: Executable Documents and the Case for AppArmor

Postby mike acker on Thu Jul 03, 2014 9:02 am

good essay on ZD Net this morning dealing with this topic

it is critical to recognize that when you log onto a PC workstation your logon credentials are applied to ALL you apps... this is a serious error, and mixed with executable documents it is a recipie for disaster
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 362
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI


Return to Open chat

Who is online

Users browsing this forum: No registered users and 4 guests