[cap-talk] A better reference for the "capabilities propagate too easily" argument

David Hopwood david.hopwood at industrial-designers.co.uk
Thu Aug 2 10:28:14 EDT 2007


Jonathan S. Shapiro wrote:
> On Wed, 2007-08-01 at 20:58 -0700, Mark Miller wrote:
>> I don't think the term as defined here is a terribly
>> useful concept. I encourage us to stop using it.
> 
> More broadly, you don't think that the term "mandatory access control"
> is useful in the absence of an agreed definition.
> 
> In abstract, I agree that this is a fine reason not to use it.
> Unfortunately, we don't have that luxury. The larger security community
> is going to characterize questions using these terms, and we need to be
> able to respond.

"What do you mean by mandatory access control?" is a reasonable initial
response, at least in one-to-one discussions.

-- 
David Hopwood <david.hopwood at industrial-designers.co.uk>



More information about the cap-talk mailing list