[cap-talk] Capabilities giving up control?
John McCabe-Dansted
gmatht at gmail.com
Fri Jan 25 11:40:05 EST 2008
On Jan 26, 2008 1:02 AM, Norman Hardy <norm at cap-lore.com> wrote:
>
> On 2008 Jan 20, at 5:02 AM, John McCabe-Dansted wrote:
> > However I'd like to clarify one possible exception. We may casually
> > say that X can "influence" Y via a covert channel, but Y might not
> > be in the transitive closure of permissions. Or would we say that X
> > and Y have permissions to the shared resource used to implement the
> > covert channel?
>
> We have been vague about the meaning of "transitive closure" I think.
> Ordinary usage of 'authority' might say that I don't have the
> authority to stop you from flying just because I am in a position to
> buy the last available ticket.
> This is an overt signal and I think we must include it in our security
> analysis, perhaps by making permissions reflexive.
Oops. I meant symmetric, not reflexive.
--
John C. McCabe-Dansted
PhD Student
University of Western Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20080126/2853a12d/attachment.html
More information about the cap-talk
mailing list