Mailing List Archive



Re: [tlug] Dealing with software with wide attack surface



On Sun, Aug 29, 2021 at 01:17:58PM +0900, Michael Paddon wrote:
> [..]
> This is good advice. More formally, you should try to implement a "reference
> monitor".
> 
> Jaeger (2011) describes the concept as "a system component, called a
> reference validation mechanism, will be responsible for enforcing the
> system’s access control policy over user process operations. The reference
> monitor concept defines the requirements for implementing such a mechanism
> in a manner that ensures that malicious users cannot circumvent policy
> enforcement."
> 
> There's a good discussion here on why this pattern is helpful.
> https://www.mdpi.com/2078-2489/7/2/23/pdf

That reminds me a lot of SELinux.
While Debian services in general do not come with SELinux policies,
the kernel is compiled for SELinux. Maybe I should try to run
Lychee in a container, using the UBI image from Red Hat, which can
be freely distributed and should also deal nicely with SELinux
inside.

Chris

