[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The Perils of Pluggability

From: Matthieu Lemerre
Subject: Re: The Perils of Pluggability
Date: Mon, 10 Oct 2005 17:26:18 +0200
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux)

"Jonathan S. Shapiro" <address@hidden> writes:

> On Mon, 2005-10-10 at 15:06 +0200, Alfred M. Szmidt wrote:
>>    > Extensibility is not a synonym of vulnerability.
>>    Of COURSE it is!
>> Actually, it isn't.  Me extentions to vulnerable program A do not
>> affect you.
> Counterexamples:
> [...]

I think that you are both right.

When Alfred is talking about Extensibility is not a synonym of
vulnerability, he is talking about the ability for a user to run its
own set of servers, and use them instead of the standard ones.  It has
several security bonuses:

-The trusted computing base is reduced,

-Confinement is made possible

The examples you gave are more about some kind of extensibility which
would allow more interactions with the system/other users, and thus
may compromise the system.

Thus we want extensibility, but which would impact only the user
making use of the extensions.  We want secure extensibility :)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]