l4-hurd

Re: Alternative network stack design (was: Re: Potential use case for op


From: Pierre THIERRY
Subject: Re: Alternative network stack design (was: Re: Potential use case for opaque space bank: domain factored network stack
Date: Mon, 8 Jan 2007 17:21:10 +0100
User-agent: Mutt/1.5.13 (2006-08-11)

Marcus Brinkmann wrote on 08/01/2007 at 12:10:
> Remember that the scenario is that process A wants to give an
> inspectable process B access to a service S which requires opaque
> storage allocations, without giving B access to opaque storage
> allocation.

Either I don't get something or you're confused: how would an
inspectable process make use of opaque storage in a way that is a threat
for inspection?

> You seem to be missing that in the discussed scenario we have three
> processes A, B, and S, where the delegation chain is "A->B->S", and A
> trusts S with a certain resource (like opaque allocation) but not B.

In the capability system as it would be implemented by Hurd, if A gives
the same capability to B and S, or gives a capability to B that gives it
to S (without proxying it, but by merely copying the untouched
capability), would A be able to discriminate when invocation of the
capability is made by B or S?

Isn't it the whole point of reference monitors?

Curiously,
Pierre
-- 
address@hidden
OpenPGP 0xD9D50D8A
