[cap-talk] (no subject)
Karp, Alan H
alan.karp at hp.com
Mon Feb 4 00:45:12 EST 2008
ross mcginnis wrote a bunch of stuff I didn't follow about storing chemicals:
The confused deputy problem is not possible if designation and authorization are combined, the defining characteristic of a capability. A file name is not a capability, password or otherwise, because it designates a file but does not authorize access to it.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list