Re-sent with proper addressing ...
Rob Meijer wrote:
>> The
>> system is "defended" in that the worst the attacker can do to corrupt
>> the system is limited to the transitive closure of what the confined
>> processes are allowed to access.
>>
> The damage the atacker can do would be defined
Rob Meijer wrote:
>> The
>> system is "defended" in that the worst the attacker can do to corrupt
>> the system is limited to the transitive closure of what the confined
>> processes are allowed to access.
>>
> The damage the atacker can do would be defined by the authority not the
> permissio
Mark Seaborn wrote:
> Crispin Cowan <[EMAIL PROTECTED]> wrote:
>> The other issue with the object capability model is analyzability.
>> Stephen Smalley complained about this in some public setting a while ago
>> when someone basically asked for an object capability enhancement to
>> SELinux. Stephe