[E-Lang] Java 2 "Security" (was: Re: WelcomeChrisSkalkaandScottSmith of Johns Hopkins)

Ben Laurie ben@algroup.co.uk
Thu, 25 Jan 2001 11:31:09 +0000


David Wagner wrote:
> 
> Ben Laurie  wrote:
> >The difference is that if I delegate my identity to a person or program,
> >they can do _anything_ I'm entitled to do according to the ACLs.
> 
> Yeah, so don't do that.  :-)

If you are suggesting I should have a different identity for each
operation, then isn't that just capabilities in disguise?

> There's nothing about ACL's that forces you to do all-or-nothing
> delegation.  In fact, if you look at, say, Unix file permissions (an
> ACL system), delegation is not all-or-nothing: you can hand off just
> read permission, etc.

I can? How?

> The issue of the granularity of delegation seems to be orthogonal to
> whether annotations about security privileges are stored at the subject
> or object, no?

I don't know. I'm finding it hard to think about the question, which
probably means you are right.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff