[cap-talk] capabilities Q, SetUID and ambient authority problems
Karp, Alan H
alan.karp at hp.com
Sun Jun 18 22:12:21 EDT 2006
Jed wrote:
>
> Right, but remember what the basic point is that we're trying to get
> at (if I have this right), namely the added value that comes from
> using a POLA (e.g. almost necessarily "capability") approach to
> authorization rather than "ambient authority" (users, groups, etc.).
>
And there's the disconnect. I use the Solitaire example in my Polaris
talk. Polaris uses ACLs, userids, groups, and all that junk. I'm just
getting the audience to recognize that the fundamental problem is that
we give all our authority to every program we run.
_________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp/