[e-lang] A broken brand?

Raoul Duke raould at gmail.com
Thu Mar 13 18:24:14 EDT 2008


ah, of course, makes sense.

thanks.

On Thu, Mar 13, 2008 at 3:14 PM, Kevin Reid <kpreid at mac.com> wrote:
>
> On Mar 13, 2008, at 18:04, Raoul Duke wrote:
>
>  >>  The problem here is that we have two situations that we cannot
>  >> really
>  >>  distinguish. One of them is considered valid (holding the
>  >> unsealer and a
>  >
>  > is reflection generally considered fair game? e.g. the box could test
>  > if there are extra stacks in the call hierarchy?
>
>  No. The box (all objects in an ocap system, even) has no authority to
>  have that information.
>
>  Making call stack information available puts you right back to
>  identity-based access control, confused deputies, and information
>  leakage.
>
>  --
>  Kevin Reid                            <http://homepage.mac.com/kpreid/>
>
>
>
>
>  _______________________________________________
>  e-lang mailing list
>  e-lang at mail.eros-os.org
>  http://www.eros-os.org/mailman/listinfo/e-lang
>


More information about the e-lang mailing list