[cap-talk] Horton vs. ACLs (was: Examples where ACLsare better...)
Karp, Alan H
alan.karp at hp.com
Mon Oct 8 14:36:05 EDT 2007
Shap wrote:
>
> The audit problem is to provide a mechanism by which an external
> security auditor (a human using tools) can determine which
> programs have
> access to which authorities.
Horton doesn't have anything to say about this problem. If you meant
"people" where you said "programs", then the answer is straightforward.
Some of the identity objects in Horton come from the same administrative
domain as the auditor, so the auditor can assign meaningful identities
to them. Others may not, in which case the auditor can do no better
than to use path based names, e.g., HP employee Alan's MarkM's Shap.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list