Norman Hardy wrote:
>
> There is an avoidable pitfall in Factory usage.
> The requester passes in a spacebank and if
> that space bank buys and sells material from a general pool
> (which is the current normal practice) than an unconfined
> accomplice can obsereve the waxing and wayning of storage
> and thus receive signals from code within the confined
> environment. Banks can be configured to limit this
> effect to zero or near zero at fairly small storage cost.
>
> This "covert channel" was found by preliminary formal
> security analysis.
Hmmm ... do you think it is possible to avoid covert channels?
Cheers,
Ben.
-- Ben Laurie |Phone: +44 (181) 735 0686| Apache Group member Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org/ and Technical Director|Email: ben@algroup.co.uk | A.L. Digital Ltd, |Apache-SSL author http://www.apache-ssl.org/ London, England. |"Apache: TDG" http://www.ora.com/catalog/apache/