site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=951EQGk+sLkJfg0bNeLbW5Aldtf0VQgOZkbre24jylA=; b=SsUR+SgUsdPtjt8NsQVLg6ds0W7b5/o8ARpoS8VrSMNaBf3ocVHiC3GWC951tj1zYl EfrByQLoqpA8Rbzc5V7aXiF+DVpS8PAnfEET4CJrY/9bvktFfW7YzOTiIJ7wrXCqKhCr AOjkJ6VqQuNuMdBXjO0f/pWXsYkgok7l1n4x0= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=ZuT7XYHZ5cjCVxxPkcAMJJbwzdumjiTqIIr4Ihr4af+mgWWg8UOl6VCB4HhDtgxp6e xLCZ1l5lY6xX/II1BBVFmYbIlmiDOpS/LA6pOb4CuKT8HZX8dhha6WcK6j7znj7ajPa3 8SyekpR8WPm3+jYKrSNodkRSAFxg3tn85B/gk= Hi Terry, On Mon, Oct 13, 2008 at 10:47 AM, Terry Lambert <tlambert@apple.com> wrote:
There are a couple of easy answers on this, but you are not going to like them:
(1) Fix the problem and build your own kernel. Submit the patches back to Apple to increase the probability that things will be fixed the way you want them fixed.
fair enough
(2) Common Criteria Auditing is narrowly defined by use model; as long as you don't use it outside the model, it remains valid. For system components shipped by a vendor, existing behaviour is technically allowed. Outside that, well, choose to use code paths involving execve() rather than posix_spawn().
yep I'm right with this, but it doesn't solve the Finder part, and it's not my point
Do not expect a "hot fix" for already released code, and do not any fix whatsoever unless you file a bug report through the proper channels, rather than posting on a mailing list.
I don't expect a Hot fix, it's somehow always a bad thing, my point was Leo should go thru a couple of revisions before snow-leo release, and it's not a "Big move", saying you have to wait for the next release of the OS was a kind of an "abusive answer", my point is I never argue about the Apple priorities and I 'm aware there are a "couple other stuff" to do, but this is a part of "seatbelt" improvement politic Cheers!
-- Terry
On Oct 13, 2008, at 10:04 AM, mm w <openspecies@gmail.com> wrote:
Hi Jacques, but it's so far in the future, the needs are now not in next release of the system, imagine if you say the same thing on another list about a wonderful open-system, you have to wait the next release of the whole operating system to correct this, it's non-sense
Cheers!
On Mon, Oct 13, 2008 at 9:44 AM, Jacques Vidrine <nectar@apple.com> wrote:
On Oct 11, 2008, at 9:23 PM, Todd Heberlein wrote:
Double-clicking an app will cause lauchd to fork and start the process. One Leopard posix_spawn is used to start the new process. E.g.
Looking at the launchd source code, it looks like it sets the appropriate audit mask *before* calling posix_spawn().
So is it possible that posix_spawn() doesn't create an audit record? This seems challenging... there may be no way to identify in the audit trail the name of a program started with launchd (?). This will make security auditing difficult.
It is likely that there are some launchd code paths which do not result in setting the audit mask before invoking posix_spawn(). There is significant remediation and enhancement work happening in this area for Snow Leopard.
-- -mmw _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com