[cap-talk] Loss of control (was: Re: A paper on web-keys)

Bill Frantz frantz at pwpconsult.com
Mon Feb 4 01:38:10 EST 2008


david.hopwood at industrial-designers.co.uk (David Hopwood) on Sunday, February 3, 2008 wrote:

>No, that is true, but it wasn't my point. As I replied to Sandro, the main
>issue is that:
>
>   "If the domain restriction [mentioned by Alan Karp] prevents any attacks,
>    then confused deputies in the domain become possible vectors for those
>    attacks."
>
>Conversely, if there are no attacks prevented by the domain restriction,
>then it is providing no security benefit.

Note that the problem is with the security policy, the domain
restriction, not with the way it is implemented.  It could be
implemented by ACLs, by IP address checking, or by a capability
structure.  In any of these cases, it is the policy that is broken.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        | gets() remains as a monument | Periwinkle
(408)356-8506      | to C's continuing support of | 16345 Englewood Ave
www.pwpconsult.com | buffer overruns.             | Los Gatos, CA 95032


