[cap-talk] Confused deputies in hybrid systems (was: Loss of control)
Karp, Alan H
alan.karp at hp.com
Tue Feb 5 18:11:02 EST 2008
Bill Frantz wrote:
>
> If we wanted to enforce this policy without using anything like the
> firewall, just using capabilities, what would we do? We need to
> construct some structure of capabilities to define what is outside
> and what is inside.
>
The statement of the problem implies that there is a way to distinguish "inside" from "outside". Why not just put a membrane around "inside" and never accept an "inside" capability that came from "outside"?
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list