[cap-talk] Confinement Confusion (was: Communicating conspirators)
David Wagner
daw at cs.berkeley.edu
Tue Jul 18 04:55:26 EDT 2006
Mark Miller writes:
>I agree, but for the phrase "the *-property could also be viewed as an
>approach to achieving bit-confinement". If X is a necessary step for achieving
>Y, but not sufficient for achieving Y, then it seems strange and confusing to
>me to say that Y is an approach for achieving X.
It sounds like you are saying that the *-property is not sufficient
to ensure bit-confinement. Can you explain that? As far as I know,
if the *-property is faithfully followed at every level of the system,
and applied to every system resource, then I suspect it is sufficient
for bit-confinement (in the sense that High processes are confined and
cannot leak bits to Low processes). Is that not the case?
More information about the cap-talk
mailing list