[cap-talk] Negative permissions
Jonathan S. Shapiro
shap at eros-os.com
Mon Feb 4 14:06:00 EST 2008
On Mon, 2008-02-04 at 09:55 -0800, Jed Donnelley wrote:
> At 08:46 AM 2/4/2008, Karp, Alan H wrote:
> >Jed wrote:
> > >
> > > At this point I feel I have such a clear view of how
> > > these mechanisms are working, it seems a shame that I
> > > don't have an opportunity to work on architecting a
> > > system with them - e.g. a capability based system
> > > with some identity based controls (e.g. MLS).
MLS does not entail identity-based controls. It entails domain-based
controls. There is nothing in the implementation of an MLS system that
benefits significantly (even if viewed purely from an efficiency
perspective) from identity-based controls in the core kernel.
More information about the cap-talk
mailing list