Security compartmentalisation
Nobody III
hungryninja101 at ...9...
Sun Jul 26 08:02:59 CEST 2015
For security purposes, you should keep L4Linux from being able to access
sensitive data or otherwise cause problems. The sensitive stuff (e.g.
crypto) should be running on Genode instead of in L4Linux, or at least in a
separate L4Linux system. For security purposes, think of L4Linux as a fast
virtual machine.
On Sun, Jul 26, 2015 at 4:44 AM, Thotheolh Tay <twzgerald at ...9...> wrote:
> Hi,
>
> I would like some help understanding the below described scenario.
>
> An L4Linux/Genode/Fiasco.OC is used as the secure environment. If a
> malware is executed on a process thread on the L4Linux layer, say to scrape
> the L4Linux to do memory dumps or to access the filesystem for crypto key
> files, how will the above setup protect against a malicious process thread
> ? An example being a PGP email crypto program running on a process thread
> with another process thread infected by a malware.
>
> Thanks & Regards,
> Thoth.
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> genode-main mailing list
> genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genode.org/pipermail/users/attachments/20150726/879d1717/attachment.html>
More information about the users
mailing list