Re: Executing an application
Re: Executing an application
- Subject: Re: Executing an application
- From: Todd Heberlein <email@hidden>
- Date: Mon, 13 Oct 2008 13:58:35 -0700
(2) Common Criteria Auditing is narrowly defined by use model; as
long as you don't use it outside the model, it remains valid. For
system components shipped by a vendor, existing behaviour is
technically allowed. Outside that, well, choose to use code paths
involving execve() rather than posix_spawn().
This doesn't make sense to me. The BSM Auditing is positioned as a
security capability and is required for certain certifications (like
various Common Criteria levels); it shouldn't be trivial to bypass the
security by simply using a different API.
Do not expect a "hot fix" for already released code, and do not any
fix whatsoever unless you file a bug report through the proper
channels, rather than posting on a mailing list.
Agree. I like to use the mailing list to get pointers for where to
look (e.g., pointing me to launchd for starting applications via the
dock) and then getting confirmation on how I think things are working.
This makes it easier for me to file a more specific (and hopefully
useful) bug report.
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden