[cap-talk] A better reference for the "capabilities propagate too easily" argument
Jonathan S. Shapiro
shap at eros-os.com
Thu Aug 2 08:03:28 EDT 2007
On Wed, 2007-08-01 at 20:58 -0700, Mark Miller wrote:
> I don't think the term as defined here is a terribly
> useful concept. I encourage us to stop using it.
More broadly, you don't think that the term "mandatory access control"
is useful in the absence of an agreed definition.
In abstract, I agree that this is a fine reason not to use it.
Unfortunately, we don't have that luxury. The larger security community
is going to characterize questions using these terms, and we need to be
able to respond.
shap
More information about the cap-talk
mailing list