[cap-talk] More Heresey: ACLs not inherently bad

Karp, Alan H alan.karp at hp.com
Tue Sep 16 19:05:45 CDT 2008


Bill Frantz wrote:
> alan.karp at hp.com (Karp, Alan H) on Thursday, September 11, 2008 wrote:
>
> >I contend the installation endowment is the only time you need to
> >grant O(20+) rights.  Per execution is always(?) O(1).
>
> Consider the example of make and its close friend, gcc. In "mature"
> systems, the make environment is a (usually undocumented) monster
> of directories and dependencies. It is majorly daunting to new
> developers. Trying to apply POLA to that environment sends me
> screaming to, "Just give make everything and let's get on with
> life."
>
Good example, but there are two caveats.  Often, the rights can be collected in O(1) directories.  When that's not the case, you still need to designate the files involved.  I bet someone else (Nothing is impossible for the person who does not have to do it.) can write a Perl script to parse makefiles and provide the appropriate authorities to the process running make.  Of course, the way I use make is pretty primitive.  Your mileage is sure to be worse.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
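
Added example (not part of the message above, and in Python rather than the Perl it mentions): one way to parse a makefile and derive the files a make run needs authority to read and to write. It assumes explicit rules and simple $(VAR) assignments only; the sample makefile and the names parse_rules and authorities are constructed for illustration.

```python
import re

# Constructed sample makefile (not from the thread).
SAMPLE = """\
OBJS = main.o util.o
.PHONY: all
all: app
app: $(OBJS)
\tgcc -o app $(OBJS)
main.o: main.c util.h
\tgcc -c main.c
util.o: util.c util.h
\tgcc -c util.c
"""

def parse_rules(text):
    """Return ({target: [prereqs]}, phony_targets) for explicit rules only."""
    variables, rules, phony = {}, {}, set()
    def expand(s):  # immediate $(VAR) expansion only; unknown names expand to ""
        return re.sub(r"\$\((\w+)\)", lambda m: variables.get(m.group(1), ""), s)
    for line in text.splitlines():
        if line.startswith("\t") or not line.strip() or line.lstrip().startswith("#"):
            continue  # recipe lines, blanks and comments declare no dependencies
        m = re.match(r"(\w+)\s*:?=\s*(.*)$", line)
        if m:
            variables[m.group(1)] = expand(m.group(2))
            continue
        targets, _, prereqs = expand(line).partition(":")
        for t in targets.split():
            if t == ".PHONY":
                phony.update(prereqs.split())
            else:
                rules.setdefault(t, []).extend(prereqs.split())
    return rules, phony

def authorities(text, goal):
    """Files the make run for `goal` must read, and files it must be able to write."""
    rules, phony = parse_rules(text)
    read, write, stack, seen = set(), set(), [goal], set()
    while stack:
        name = stack.pop()
        if name in seen:
            continue
        seen.add(name)
        if name in rules:
            if name not in phony:
                write.add(name)   # built file: needs create/write authority
            stack.extend(rules[name])
        else:
            read.add(name)        # leaf with no rule: a source, read-only
    return {"read": read, "write": write}
```

Only declared prerequisites are seen: a header that gcc pulls in through #include without being listed in the makefile, or a file a recipe touches as a side effect, still has to be designated by hand.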



