[cap-talk] Horton vs. ACLs - private namespaces and the Audit Problem
Karp, Alan H
alan.karp at hp.com
Thu Oct 11 20:56:52 EDT 2007
Jed wrote:
>
> And to summarize my response, if you consider non-Horton
> transfers as not meeting policy, then such are just a small
> fraction of many more non-policy mechanisms that would also
> not be detected by low level logs.
>
I do not consider non-Horton transfers as not meeting policy (a triple
negative) since most will be between programs run by a single
responsible party. But that's beside the point. I believe that low
level logs can in principle provide useful audit information even when
Horton isn't used at all. Practice is another matter entirely.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list