[OLPC Security] Email-attached/IM-shared applications and worms

Mike C. Fletcher mcfletch at vrplumber.com
Tue Jun 5 15:07:46 EDT 2007


The correlation document[1] has a number of sections describing threats 
from email-attached executables.  I don't see where we have explicitly 
stated this restriction to provide protection, so here it is:

    * document mount-points within an application's chroot must be
      no-execute-bit restricted
          o restricts installation of new software so that files stored
            by the application are not directly executable
                + user can download a package to install, but they
                  cannot run it directly from email/web
          o it does not protect against corrupted "executable files"
            (e.g. scripted web-pages or macros embedded in office documents)
          o to be installed on a non-execute-bit restricted file-system
            (e.g. an application's r/o installation image) the software
            must be transferred to the file-system location by the
            installer service
          o installer service should be a *separate* activity from the
            activity which downloaded the package description
                + installer can be asked to open a given package/xo/rpm
                  from the Journal
                + might be possible to launch the activity with the
                  installer activity *iff* we support the general case
                  of opening a file/journal from the Journal interface
                  with a given, specified activity (not the original
                  activity)
          o installer is where the capability restrictions are added to
            the executable
          o the executable cannot be directly launched from the activity
            without installation via the installer service first, and on
            doing so it becomes a separate activity *without* access to
            the introducing activity's resources

Have fun,
Mike

[1] http://wiki.laptop.org/go/Correlating_Bitfrost_and_Threats#Safest_Categories_for_Application_Installation

-- 
________________________________________________
  Mike C. Fletcher
  Designer, VR Plumber, Coder
  http://www.vrplumber.com
  http://blog.vrplumber.com
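
An added example, not part of the original message and not OLPC code: one way to check the first bullet's restriction, by reading a mount table in /proc/mounts format and reporting every document directory inside an activity's chroot where execution is still permitted. The chroot layout, directory names and sample mount table are constructed assumptions.

```python
import os
import re

# Constructed sample in /proc/mounts format; every path here is hypothetical.
SAMPLE_MOUNTS = r"""/dev/root / ext3 rw,relatime 0 0
/dev/loop0 /activities/mail/chroot squashfs ro,nosuid,nodev 0 0
tmpfs /activities/mail/chroot/documents tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /activities/mail/chroot/documents/saved\040mail tmpfs rw,nosuid,nodev 0 0
tmpfs /activities/mail/chroot/tmp tmpfs rw,nosuid,nodev,noexec 0 0
"""

def parse_mounts(text):
    """Return [(mount_point, options)] in mount order, decoding octal escapes."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            # The kernel writes a space in a path as the four characters \040.
            point = re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), fields[1])
            mounts.append((os.path.normpath(point), set(fields[3].split(","))))
    return mounts

def _inside(path, root):
    return path == root or path.startswith(root.rstrip("/") + "/")

def covering_mount(mounts, path):
    """Mount governing `path`: longest mount point containing it, latest entry wins."""
    best = None
    for point, opts in mounts:
        if _inside(path, point) and (best is None or len(point) >= len(best[0])):
            best = (point, opts)
    return best

def audit_document_dirs(mounts_text, chroot, document_dirs):
    """Return sorted paths in the chroot's document dirs that are not noexec."""
    mounts = parse_mounts(mounts_text)
    findings = set()
    for rel in document_dirs:
        doc = os.path.normpath(os.path.join(chroot, rel))
        # Check the directory itself plus every submount below it: a directory
        # that is not a mount point inherits its parent's options, and a
        # submount can silently drop noexec.
        candidates = {doc} | {p for p, _ in mounts if _inside(p, doc)}
        for path in candidates:
            governing = covering_mount(mounts, path)
            if governing is None or "noexec" not in governing[1]:
                findings.add(path)
    return sorted(findings)
```

On a live system, pass the contents of `/proc/mounts` as `mounts_text`; an empty result means every listed document directory and its submounts carry `noexec`.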


