[E-Lang] Re: Caplet Launcher issues
Ken Kahn
kenkahn@toontalk.com
Thu, 30 Nov 2000 12:00:34 -0800
From: "Marc Stiegler" <marcs@skyhunter.com>
[snip]
>
> As a less fierce interim solution for those who worry only about viruses
and
> not about data leaks, you could pass the caplet read/write authority to a
> permanent directory that the caplet could use for storing preferences and
> custom dictionaries. With this strategy, the caplet could store its own
> custom dictionaries. You could still buy an evil word processor from the
> developer of BackOrifice and still keep your e-gold and PayPal accounts
> safe. But if even once you used the evil word processor for handling CIA
> documents explaining who really shot JFK, you could absolutely not ever
give
> it authority to access the Internet (whereas, without the permanent
> directory, you could even give the evil word processor Internet access
when
> writing letters to your mother). A programmatically simple, though not
> user-intuitive, solution for mixed CIA+mother word processing would be to
> grant the word processor preferences directory authority when writing
> mother, and refuse preferences authority when writing for the CIA (or give
> it only preferences-read-authority on CIA docs, no write authority).
>
[snip]
Thanks for the detailed answer. The big question underlying all this is how
you would set things up for your mother (the classical form of the question
usually involves your grandmother - in my case I think about how to set
things up for 8-year olds). I like the permanent directory solution but I
wonder if there aren't holes. Couldn't your mother still acquire a Word
macro virus? While the damage would presumably be limited to the documents
she has saved on the permanent directory, it still would be bad (though much
better than the current situation).
It seems to me that a sophisticated user can have the security that
capabilities provide without significant inconveniences. A grandmother or
8-year old has to live with some pre-designed capability assignments that is
a compromise between security and convenience.
Best,
-ken kahn