[cap-talk] Rooted graph bad for POLA ? ( search capability )
Karp, Alan H
alan.karp at hp.com
Thu Oct 2 10:23:42 CDT 2008
Marcus Brinkmann wrote:
>
> This is the super-root without which I would feel that the system does
> not give me the same level of functionality as a system which does not
> have such a super-root.
>
But you want minimize the number of programs that run as super-root. You may be able to get away with exactly one, an administrator's powerbox.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list