!xnySFvrfsReyMipyjD:matrix.org

OS security

44 members, 13 servers

Discussion on sandboxing, virtualization, encryption, verified boot, exploit mitigations and so on. Occasional discussion on app security is allowed as well, especially when directly related to an OS's security. We focus mainly on FOSS operating systems, but discussion on how to implement the security features of proprietary ones in FOSS OSes is accepted as well.

Rules: Keep it mostly on topic; no spam, NSFW content or similar; no ban evasion; make sure it is clear to room members what information they can get from links you share; no discrimination; no unnecessary ad hominem. Moderation is open to criticism and suggestions, but again, do not use insults or disrespect where inappropriate.



26 May 2020
05:43:28 FantasyCookie17 (@fantasycookie17:fantasycookie17.onederfultech.com)
In reply to @shipp:mozilla.org: "What is ChromeOS using for their sandbox, bwrap? Or their own custom solution?"
I guess they use the Android one.…
05:43:36 FantasyCookie17 (@fantasycookie17:fantasycookie17.onederfultech.com): Or something similar.
05:43:47 analog (@analogpathy:synapse.travnewmatic.com): They use minijail.
05:44:13 analog (@analogpathy:synapse.travnewmatic.com)
In reply to @fantasycookie17:fantasycookie17.onederfultech.com: "I guess they use the Android one.…"
Uhuh
05:44:19 Shippage (@shipp:mozilla.org): FantasyCookie17: No, like how Windows has certain things signed. I don't know the details of how files are signed, but you can only install drivers signed by the manufacturer, for example, to prevent running malicious files and to be sure it's the real file.
05:44:55 FantasyCookie17 (@fantasycookie17:fantasycookie17.onederfultech.com)
In reply to @shipp:mozilla.org: "FantasyCookie17: No, like how Windows has certain things signed. I don't know the details of how files are signed, but you can only install drivers signed by the manufacturer, for example, to prevent running malicious files and to be sure it's the real file."
Well, the package manager uses signed packages as well…
05:45:22 FantasyCookie17 (@fantasycookie17:fantasycookie17.onederfultech.com): And it should also be possible to prevent the kernel from running unsigned modules.
05:46:30 analog (@analogpathy:synapse.travnewmatic.com): I recall it already disallowing the loading of unsigned modules.
05:46:41 Shippage (@shipp:mozilla.org): Signed files need to become a norm in Linux; that's how you would prevent things like hijacking the user's ~/.bashrc, by seeing it's not signed by the original author.
05:49:14 analog (@analogpathy:synapse.travnewmatic.com): I mean, I'm pretty sure there's already a kernel module that implements verification of binaries, but nobody has really been working on it.
05:49:43 FantasyCookie17 (@fantasycookie17:fantasycookie17.onederfultech.com)
In reply to @analogpathy:synapse.travnewmatic.com: "I mean, I'm pretty sure there's already a kernel module that implements verification of binaries, but nobody has really been working on it."
Well, dm-verity…
05:51:07 Shippage (@shipp:mozilla.org): verity just verifies it's signed correctly; it doesn't actually do the signing.
05:51:08 analog (@analogpathy:synapse.travnewmatic.com): I still want to try to compile ChromiumOS with dm-verity verified boot.
05:51:16 analog (@analogpathy:synapse.travnewmatic.com): It's a bit similar to how Hackintosh does it.
05:51:52 Shippage (@shipp:mozilla.org): I want to try and make an installer to set up dm-verity for existing Linux distros, but I may be thinking a little too ambitiously, lol. I'm trying to just get it working on my setup first.
05:52:41 Shippage (@shipp:mozilla.org): I feel like the tools to make the Linux desktop very secure are there, just not quite put together.
05:52:56 analog (@analogpathy:synapse.travnewmatic.com): [Redacted or malformed event]
05:53:15 analog (@analogpathy:synapse.travnewmatic.com): https://en.wikipedia.org/wiki/PKCS
05:53:47 analog (@analogpathy:synapse.travnewmatic.com): Maybe you could self-sign the cert and then sign your file with the private key and cert using PKCS7.
05:54:18 FantasyCookie17 (@fantasycookie17:fantasycookie17.onederfultech.com)
In reply to @analogpathy:synapse.travnewmatic.com: "Maybe you could self-sign the cert and then sign your file with the private key and cert using PKCS7."
Why not PKCS#12?
05:54:26 Shippage (@shipp:mozilla.org): How would you how the private key
05:54:38 Shippage (@shipp:mozilla.org): So a malicious actor couldn't access it and sign things.
05:54:55 Shippage (@shipp:mozilla.org): I think maybe the TPM could store it.
06:00:31 analog (@analogpathy:synapse.travnewmatic.com)
In reply to @fantasycookie17:fantasycookie17.onederfultech.com: "Why not PKCS#12?"
I just know that the PKCS#7 format stores one or more certificates without private keys, and S/MIME is the standard.
06:01:39 analog (@analogpathy:synapse.travnewmatic.com)
In reply to @shipp:mozilla.org: "How would you how the private key"
The S/MIME signature for that public key can only be generated with the private key, which you won't distribute.
06:02:32 Shippage (@shipp:mozilla.org): I need to go to bed, but I will think about this. Peace.
06:02:37 analog (@analogpathy:synapse.travnewmatic.com): Night.
06:08:28 * analog (@analogpathy:synapse.travnewmatic.com) is not the right person to ask.
In reply to @analogpathy:synapse.travnewmatic.com: "I just know that the PKCS#7 format stores one or more certificates without private keys, and S/MIME is the standard."
14:23:03 madaidan. (@madaidan.:matrix.org)
In reply to @shipp:mozilla.org: "Programs should pretty much never have home dir permissions, as it's practically a full compromise. They should only ever get specific directories."
No, that's not a good approach either. Apps will want to access everything in the home directory. The best approach is to create different users for each app, with their own separate home directories and a shared storage mechanism to share files across. The app will have access to its entire home directory but not other apps'. Thus breakage is minimal and security is maximal.
14:23:34 madaidan. (@madaidan.:matrix.org): cough sandbox-app-launcher, Android, iOS cough


