[cap-talk] Horton vs. ACLs - private namespaces and the Audit Problem
Karp, Alan H
alan.karp at hp.com
Wed Oct 10 16:16:55 EDT 2007
Jed wrote:
>
> I thought the question was whether knowing which objects
> had access to which other objects (e.g. in real time)
> or even seeing logs of which objects had accessed
> which other objects was the level at which I earlier
> and MarkM above were asking about the value in the logs
> of such low level traces.
>
I presume that access to the file containing the quarterly results is
controlled by a capability that may have been passed from object to
object. The question to be answered is whether any object reachable
from the capabilities in Alan's powerbox has had the capability to the
file in question during the time period of interest. I believe that
tracking all capability transfers would allow that question to be
answered.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list