[E-Lang] Java 2 "Security"

Bill Frantz frantz@communities.com
Fri, 26 Jan 2001 17:06:36 -0800


At 07:46 PM 1/26/01 -0500, Jonathan S. Shapiro wrote:
>In particular, ACL systems that rely on the dynamic introduction of new
>principals are a mess, both for immediate reasons and because the next
>move is invariably permission by inheritance, which introduces a very
>high order algorithm and potentially unbounded storage allocation
>requirements right smack into the middle of the fundamental protection
>mechanism. Yuck.

Is it possible to understand permission inheritance well enough to use it
safely?  I admit to being frequently confused by standard Java inheritance,
even though I know the rules.