[cap-talk] Horton vs. ACLs - private namespaces and the AuditProblem
Mark Miller
erights at gmail.com
Wed Oct 10 17:18:16 EDT 2007
On 10/10/07, Karp, Alan H <alan.karp at hp.com> wrote:
> As I said in my original note, a "no" is not definitive, but a "yes" is.
> Indeed, with a log we can do even better if the answer is "yes". The
> log will tell us if Alan ever used the capability.
How happy would auditors and regulators be if the answer on a given
system were always a non-definitive "no"? This can easily happen for
entirely innocent reasons.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list