[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The Perils of Pluggability
From: |
Matthieu Lemerre |
Subject: |
Re: The Perils of Pluggability |
Date: |
Mon, 10 Oct 2005 17:26:18 +0200 |
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.0.50 (gnu/linux) |
"Jonathan S. Shapiro" <address@hidden> writes:
> On Mon, 2005-10-10 at 15:06 +0200, Alfred M. Szmidt wrote:
>
>> > Extensibility is not a synonym of vulnerability.
>>
>> Of COURSE it is!
>>
>> Actually, it isn't. Me extentions to vulnerable program A do not
>> affect you.
>
> Counterexamples:
> [...]
I think that you are both right.
When Alfred is talking about Extensibility is not a synonym of
vulnerability, he is talking about the ability for a user to run its
own set of servers, and use them instead of the standard ones. It has
several security bonuses:
-The trusted computing base is reduced,
-Confinement is made possible
The examples you gave are more about some kind of extensibility which
would allow more interactions with the system/other users, and thus
may compromise the system.
Thus we want extensibility, but which would impact only the user
making use of the extensions. We want secure extensibility :)
- Re: instance and instantiator, (continued)
Re: The Perils of Pluggability, Ludovic Courtès, 2005/10/10
Re: The Perils of Pluggability, Alfred M. Szmidt, 2005/10/10
Re: The Perils of Pluggability, Jonathan S. Shapiro, 2005/10/10
Re: The Perils of Pluggability,
Matthieu Lemerre <=
Re: The Perils of Pluggability, Alfred M. Szmidt, 2005/10/11
Re: The Perils of Pluggability, Jonathan S. Shapiro, 2005/10/11
Re: The Perils of Pluggability, Jonathan S. Shapiro, 2005/10/10
Re: The Perils of Pluggability (was: capability authentication), Alfred M. Szmidt, 2005/10/10
Re: Capability Authentication, Marcus Völp, 2005/10/13