How the hell is _any_ OS going to track origin of 'file'?
What _is_ origin of 'file'?
Add an arbitrary number of netcat-over-UDP transfers between start and end of process.
Ownership/origin metadata is impossible to track unless it's overlaid on every single bit of information transiting every process and every network node.
djb simply does a massive hand-wave over this, as far as I can tell. I respect the man a lot, but this totally loses me.
Set some metadata on process streams. One could write a kernel module to track this flow.
I'd love to set filters on file actions like, "after an image/pdf/etc. has been downloaded, prevent any program from loading it until it has been scrubbed through a whitelisting format normalizer running in a VM". If problems are found, alert and blacklist the source.
Free technical PDFs make a great vehicle into a research org.
Taint isn't telling you who data came from. Only that it was external to the program. That's a much simpler challenge, particularly as it takes place within a single process's context.
It seems simple: you just give an OS program the URI necessary. The program then performs the download and tags it with the relevant metadata.
The example you give would be a bit more complicated, but you would just rewrite curl to attach metadata to file descriptors. Then the OS can have some restrictions about certain programs reading from file descriptors with metadata it deems untrustworthy.
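An added example, not written by any commenter in this thread: the tag-on-download idea from the comment above, run next to the `curl | filter > file` case raised elsewhere in the thread. `TRUSTED_HOSTS`, `may_open`, `filter_copy` and the sample URL are assumptions made for illustration; the attribute name is the one `curl --xattr` writes, and the code is Linux-only because it uses `os.setxattr`.

```python
import os
import tempfile
from urllib.parse import urlsplit

ORIGIN_ATTR = "user.xdg.origin.url"    # attribute name used by `curl --xattr`
TRUSTED_HOSTS = {"intranet.example"}   # constructed policy (assumption)

def save_download(path, body, url):
    """Stand-in for the downloader: write the bytes, then tag the file with its source URL."""
    with open(path, "wb") as f:
        f.write(body)
    os.setxattr(path, ORIGIN_ATTR, url.encode())

def origin_of(path):
    """Return the recorded source URL, or None when the file carries no tag."""
    try:
        return os.getxattr(path, ORIGIN_ATTR).decode()
    except OSError:
        return None

def may_open(path):
    """Hypothetical gate: deny files tagged with a host outside TRUSTED_HOSTS."""
    url = origin_of(path)
    if url is None:
        return True                    # untagged: the gate has nothing to judge
    return urlsplit(url).hostname in TRUSTED_HOSTS

def filter_copy(src, dst):
    """Equivalent of `cat src | filter > dst`: the bytes cross a pipe, the tag does not."""
    with open(src, "rb") as fin, open(dst, "wb") as fout:
        fout.write(fin.read().upper())

def demo(workdir):
    raw = os.path.join(workdir, "paper.pdf")
    out = os.path.join(workdir, "file")
    # Constructed sample body and URL; nothing is fetched from the network.
    save_download(raw, b"%PDF-constructed sample", "https://files.example.net/paper.pdf")
    filter_copy(raw, out)
    return may_open(raw), origin_of(out), may_open(out)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory(dir=".") as d:
        print(demo(d))
```

With this allow-by-default gate the filtered copy passes; changing the untagged case to deny closes that gap at the cost of blocking every locally created file.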
1. Why is it a mandatory requirement?
2. How can it possibly be uniformly implemented?
E.g.: curl <some source> | perl -e <some filter> > file