[cap-talk] Fourth ABAC, prevention of delegation
norm at cap-lore.com
Mon Jul 31 21:06:58 CDT 2006
On Jul 31, 2006, at 6:20 PM, Jed at Webstart wrote:
> At 01:24 PM 7/31/2006, Norman Hardy wrote:
>> Marc says at <http://video.google.com/videoplay?
>> docid=-7961423532989255419#1h6m10s> that delegation cannot be
>> prevented and goes on to note that delegation is the cornerstone of
>> I agree that delegation is the cornerstone of civilization.
>> Delegation can be prevented but at the cost of not getting your job
> I believe Marc was referring to the communicating conspirators case.
> That is, where communication is possible delegation cannot be
> He made his statement following his statement that there is no
> available to prevent copying and forwarding of data when
> communication is
Perhaps I took it out of context but Marc seemed to be summing up at
the end for the entire gamut of capability schemes.
I agree that without confinement one trusts the program provider.
> I won't say more about this as it's extensively covered elsewhere
> on this
> list. Is this a confusion on what was intended or on some base
> topic? Do you believe it is possible to block delegation even when
> full bidirectional communication is possible? Any discussion along
> lines it seems to me should go into the conspiring communicators
> Of course one can block delegation with confinement - as all
> communication is blocked.
>> More important is that with confinement, one can delegate a task to
>> 1000 programs, without delegating the secrets within the task to the
>> respective programmer providers.
>> This sort of delegation is immensely practical.
>> Even our favorite solitaire in cap-desk is unable to remit the poor
>> play of the user to the program author.
> --Jed http://www.webstart.com/jed/
> cap-talk mailing list
> cap-talk at mail.eros-os.org
More information about the cap-talk