[cap-talk] Reducing Ambient user authority in a Type Safe /Memory Safe OS.

Karp, Alan H alan.karp at hp.com
Wed Dec 16 08:24:38 PST 2009


Ben Kloosterman wrote:


> I suppose there are really 4 forms of escalations here

I don't understand the need for escalation. I assume each application has an installation endowment granting it the permissions it needs every time it runs. In addition, the running instance will need additional permissions specific to each run, but that information must be specified by the user. CapDesk showed that the user acts of designation denoting what the user wants done can be used to infer which of the user's rights to delegate to the running instance. Am I missing something?

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
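
The following is an added illustration, not part of the original message and not CapDesk code: a small Python model of an application whose authority is a fixed installation endowment plus whatever the user designates through a trusted chooser during one run. All names (`Powerbox`, `ReadCap`, `run_instance`, the sample documents) are hypothetical, and Python does not itself enforce the encapsulation a capability-safe language would; the model only shows how authority flows.

```python
# Constructed model (all names hypothetical): an app's authority is its
# installation endowment plus whatever the user designates during this run.

class ReadCap:
    """Read-only capability for a single document; carries no other authority."""
    def __init__(self, store, name):
        self._read = lambda: store[name]   # closes over one entry only
        self.name = name
    def read(self):
        return self._read()

class Powerbox:
    """Trusted component holding the user's full authority over `store`."""
    def __init__(self, store, user_choice):
        self._store = store
        self._user_choice = user_choice    # stands in for a trusted file dialog
        self.granted = []                  # audit trail of delegations
    def request_document(self, purpose):
        # The app may only ask; the user picks. The pick is both the
        # designation and the grant, so no separate escalation prompt exists.
        name = self._user_choice(purpose, sorted(self._store))
        if name is None or name not in self._store:
            return None                    # user cancelled: nothing delegated
        self.granted.append(name)
        return ReadCap(self._store, name)

def word_count_app(endowment, request_document):
    """Untrusted app: sees only its endowment and the request function."""
    cap = request_document("Choose a document to count")
    if cap is None:
        return None
    count = len(cap.read().split())
    endowment["scratch"].append((cap.name, count))  # endowed private state
    return count

def run_instance(store, user_choice):
    """Launch one instance: fixed endowment plus a per-run powerbox."""
    endowment = {"scratch": []}            # granted at install, same every run
    powerbox = Powerbox(store, user_choice)
    result = word_count_app(endowment, powerbox.request_document)
    return result, powerbox.granted, endowment["scratch"]

# Constructed sample data: the user's documents.
USER_DOCS = {"notes.txt": "buy milk and eggs", "taxes.txt": "private figures here"}
```
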