[cap-talk] EQ all over again (Re: Is this attack feasible in any real ocap systems?)
Jed Donnelley
jed at nersc.gov
Fri Apr 4 19:36:45 CDT 2008
On 4/4/2008 4:07 PM, Raoul Duke wrote:
>> I'll let the anti-EQ people try to come up with a fix for the
>> KeyKOS box that doesn't use EQ. :-)
>
> the Grant Matcher pages make mention of the fact that distributed EQ
> is i guess fraught with some kinds of performance and/or security
> perils (i am mostly clueless about them). as another approach to the
> whole "avoid EQ" meme, are there ways one might improve on distributed
> EQ so that it wasn't so evil to make use of the feature?
I don't think so, because the problem with EQ is its power,
not its implementation. The above would only make sense if
you were suggesting some sort of a weakened "EQ". We have
some of those already (e.g. my "MyCap?"), but seem to keep
coming back to questions surrounding EQ - I think partly
because often an EQ-based solution to a problem is the
most immediate one that comes to mind.
--Jed http://www.webstart.com/jed/
More information about the cap-talk
mailing list