[cap-talk] ... enforcement - hope? Capabilities as clumsy, not

marcs marcs at skyhunter.com
Wed Sep 29 12:24:47 EDT 2004


> Don't tar all ambient authority systems, or all ACL-based 
> systems, with the same brush.  They're not all equally bad.  
> Some of these systems do better than stock Unix, even though 
> (as I have said before) they are not perfect. 

They may vary in the quality of security they can enforce, but they vary
only perversely in the quality of security they can usably enforce in a
dynamic environment with frequent grants and revocations of authority. For
big backend servers, that is sorta ok. For desktops, handhelds, and cell
phones, it is not.

--marcs





More information about the cap-talk mailing list