[cap-talk] Capabilities and Freedom vs. Safety

Pierre THIERRY nowhere.man at levallois.eu.org
Sat Jul 21 20:50:10 EDT 2007


James A. Donald wrote on 22/07/2007 at 10:31:
> > 2. The system-wide installation utility should be able to install
> > programs in such a way that (a) they are confined when run, but (b)
> > the user cannot inspect their code or data.
> This makes it likely that such programs will not necessarily be
> written to act in the best interests of the user - that they will, in
> some sense, be Trojans or malware.

Could you detail how a Trojan or malware could be designed so as to be
effective when run confined?

And why should uninspectable code be more malicious than inspectable
code? Isn't it partly because code inspection isn't effective as
a practical security measure that we are designing capability systems?

Curiously,
Pierre
-- 
nowhere.man at levallois.eu.org
OpenPGP 0xD9D50D8A