[cap-talk] Another "core" principle - confused deputy?
Jonathan S. Shapiro
shap at eros-os.com
Wed Dec 27 10:44:02 CST 2006
On Wed, 2006-12-27 at 14:22 +0000, David Hopwood wrote:
> Much of the access control literature is ambiguous about whether subjects are
> human users, or instances of programs, and so saying "subject" here would not
> have adequately conveyed the point.
The access control literature is quite clear that a subject is a process
and a user is a principal. There are a small number of publications that
are flatly wrong, but to say that "much" of the literature gets this
wrong is a broad overstatement.
--
Jonathan S. Shapiro, Ph.D.
Managing Director
The EROS Group, LLC
+1 443 927 1719 x5100