[cap-talk] Horton vs. ACLs - private namespaces and the AuditProblem
Karp, Alan H
alan.karp at hp.com
Wed Oct 10 17:05:44 EDT 2007
MarkM wrote:
> We could also derive from
> the logs something like "Did Alan ever have permission to access the
> quarterly results?" But this is unsafe -- Alan may have had the
> authority but not the permission.
>
As I said in my original note, a "no" is not definitive, but a "yes" is.
Indeed, with a log we can do even better if the answer is "yes". The
log will tell us if Alan ever used the capability.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list