[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Just a few questions

From: Jonathan S. Shapiro
Subject: Re: Just a few questions
Date: Sun, 23 Oct 2005 13:41:48 -0400

On Sun, 2005-10-23 at 15:33 +0530, BVK Chaitanya wrote:
> If a process gets mouse pointer capability (say MPC), it shouldnt trust 
> MPC unless it passes 'capability authentication' phase. Capability 
> authentication guarantees that MPC you have is *really* *only* an MPC.

In practice, this is unlikely. The case where you use "identify" is when
the capability has arrived by way of an untrusted sender. An application
that uses the mouse is likely to assume that the display (and the
associated capabilities) is being provided as part of a standard,
trusted environment.

The cases where you tend to use "authenticate" are

  (a) you are a server, you serve multiple clients,
      they do not trust each other, and they may be 
      trying to hurt each other through you.
  (b) you are a program that must keep secrets from
      your client (for example: private keys) even
      when this is your only client.

Both cases are rare.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]