[cap-talk] What's "Discretionary Security" (was: Another "core" principle, capability communication)
Mark S. Miller
markm at cs.jhu.edu
Mon Jan 1 21:14:34 CST 2007
Karp, Alan H wrote:
> MarkM wrote:
>>> Let's start with a plain conventional Unix ACL-ish example.
>> I create a file
>>> foo.txt. I choose not to give you write permission on this
>> file. Are we
>>> interacting using mandatory or discretionary security?
>> how would you describe it using these terms?
>>
> Discretionary, but the example is flawed. How can you choose to give a
> subject write permission in a Unix system? In a Unix-like system where
> you can, it's non-discretionary if you want to grant write permission,
> but the grantee doesn't get it.
>
> Also, VOC is non-discretionary.
Do you claim these answers are consistent with Shap's stated definitions for
these terms? If instead, as I suspect, you have a different meaning in mind,
could you state your proposed meaning for these terms?
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list