[cap-talk] solve CSRF by making references unforgeable, not unshareable
Karp, Alan H
alan.karp at hp.com
Thu Mar 26 11:37:07 EDT 2009
> -----Original Message-----
> From: cap-talk-bounces at mail.eros-os.org [mailto:cap-talk-
> bounces at mail.eros-os.org] On Behalf Of lists at notatla.org.uk
> Sent: Thursday, March 26, 2009 2:38 AM
> To: cap-talk at mail.eros-os.org
> Subject: Re: [cap-talk] solve CSRF by making references unforgeable,
> not unshareable
> "Karp, Alan H" wrote,
> > One of Jed Donnelley's systems (DCCS?) encrypted sparse
> > capabilities with a key not available to the process holding
> > them in order to prevent leakage when people read dumps.
> If something's not sparse what stops someone changing it?
They are sparse capabilities.
> I thought that was the idea behind encrypting the tokens
> in this example.
The string "encr" doesn't show up on that page.
Virus Safe Computing Initiative
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029