[E-Lang] Re: Old Security Myths Continue to Mislead
Jonathan S. Shapiro
Mon, 6 Aug 2001 17:22:59 -0400
> Even though all messages passed through the core, the core never looked at
> the payloads. Hence, confinement ala Lampson was not enforced.
> confinement could have been enforced using a mechanism in the design that
> did not get a chance to implement.
Examining the payloads is not required. The core must only validate that the
sender holds a valid capability to the receiver. This is a common
misunderstanding of confinement. Go back and look at Lampson again.