[cap-talk] An example of violating POLA?
toby.murray at comlab.ox.ac.uk
Mon Jun 9 00:45:24 CDT 2008
On Mon, 2008-06-09 at 01:46 +0000, Baldur Johannsson wrote:
> H'lo cap-talk
> I am thinking if giving some service such as yelp mentioned in
> complete access to your emailbox just so it can read the address
> book isnt a big violation of POLA then I dont know what is.
> (Sorry for the german like spring-sentence.)
Absolutely. The trick is, however, coming up with a means for the user
to grant Yelp the authority to read the address book. This is perhaps
even more difficult for web applications than for traditional ones,
since there is no obvious delineation between "installation" and "use"
with most web apps -- although there is, of course, often a "sign-up"
phase, which might be considered akin to "installation". Perhaps a means
to store permissions with cookies might enable one to grant privileges
at "sign-up" time for web apps by creating a persistent cookie that also
maintains a permission list (similar to an installation endowment) for
the web application. This permission list might be a Caja environment
(i.e. a mapping from names to values, where values could include File
objects on the local machine or other authority-granting abstractions).
Even with this machinery, the question still remains as to how the user
is supposed to know, and decide to grant, Yelp access to their address
The issue is only complicated slightly further by the fact that I
thought that Yelp was the GNOME Help Browser ;)
More information about the cap-talk