[cap-talk] confused deputy problem
Bill Frantz
frantz at pwpconsult.com
Thu May 29 16:23:38 CDT 2008
david.hopwood at industrial-designers.co.uk (David-Sarah Hopwood) on Thursday, May 29, 2008 wrote:
>The problem that a user should not trust much of the software
>that they are executing also applied at that time; it was just
>less obvious.
The great enlightenment I experienced during the National Computer
Security Center review of KeyKOS came when one of the reviewers
said to me, "We trust the user. He's been cleared. We don't trust
the program he's running." Since this was over 20 years ago, I
think the problem has been acknowledged for a long time.
Effectively addressing it is another matter.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"We used to quip that "password" is the most common
408-356-8506 | password. Now it's 'password1.' Who said users haven't
www.periwinkle.com | learned anything about security?" -- Bruce Schneier
More information about the cap-talk
mailing list