[OLPC Security] Application bundles and delegation

Mark Seaborn mseaborn at cmedresearch.com
Fri Feb 9 09:39:39 EST 2007


On Thu, 2007-02-08 at 20:02 -0800, Ivan Krstić wrote:
> Ka-Ping Yee wrote:
> > I felt very encouraged upon reading the Bitfrost specification today.
> > Congratulations on what you've accomplished so far.  It makes me very
> > glad to see the up-front acknowledgement, in your introduction, of the
> > key problem in security -- the wholesale granting of authority that
> > happens when applications "run as" users.  When I saw Simson's name
> > and the O'Reilly book mentioned I was even more excited.
> 
> A lot of my ideas about security really clicked together when I first
> read your SID paper many years ago. It's been a big inspiration for my
> work on Bitfrost, so thank you -- shoulders of giants.

Have you seen the other systems that have been influenced by that paper?
CapDesk, Polaris and Plash (the latter being my project) are the ones
that I am aware of.

The CapDesk people have been using the term "powerbox" to refer to a
file chooser that grants an application access to a file, which is what
is described in the P_DOCUMENT section in the Bitfrost spec:

> Instead, when a program wishes to open a user document, it asks the
> system to present the user with a 'file open' dialog. A copy-on-write
> version of the file that the user selects is also mapped into this
> scratch space -- in effect, the file just "appears", along with a
> message informing the program of the file's path within the scratch
> space.

(More specifically, this is a "file powerbox".  CapDesk has other kinds
of powerboxes, such as a powerbox for installing an application, and a
"powerbar" for doing copy and paste.)

Can I suggest that you use the term "powerbox" as well?  When a concept
has a name it is easier to refer to it, and also easier to see how the
idea spreads.

Cheers,
-- 
Mark Seaborn
Software Engineer

Cmed Technology Ltd.
Registered in England and Wales No. 3869835
Registered Office and Address for Communication:
Holmwood, Broadlands Business Campus,
Langhurstwood Road, Horsham, RH12 4QP, United Kingdom

E mseaborn at cmedresearch.com
W www.cmedresearch.com
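
The file powerbox described in this message, sketched as an added example that is not part of the original post and is not Bitfrost, CapDesk or Plash code. The names `FilePowerbox`, `request_open` and the `chooser` callback (standing in for the user's 'file open' dialog) are hypothetical, a plain copy stands in for the copy-on-write mapping, and confinement of the application to its scratch space is assumed to be enforced by the system.

```python
import os
import shutil
import tempfile


class FilePowerbox:
    """Trusted side: holds the user's authority and runs the chooser."""

    def __init__(self, scratch_dir, chooser):
        self._scratch = scratch_dir
        self._chooser = chooser  # hypothetical stand-in for the 'file open' dialog

    def request_open(self):
        # The application supplies no path: only the user's choice names a file.
        chosen = self._chooser()
        if chosen is None:  # user cancelled the dialog, nothing is granted
            return None
        source = os.path.realpath(chosen)
        if not os.path.isfile(source):
            raise ValueError("chooser did not return a regular file")
        # Plain copy stands in for the spec's copy-on-write mapping.
        fd, dest = tempfile.mkstemp(dir=self._scratch, suffix="-" + os.path.basename(source))
        os.close(fd)
        shutil.copyfile(source, dest)
        # The message to the program: the file's path within its scratch space.
        return os.path.relpath(dest, self._scratch)


def demo():
    home = tempfile.mkdtemp(prefix="home-")        # constructed user documents
    scratch = tempfile.mkdtemp(prefix="scratch-")  # the application's scratch space
    essay = os.path.join(home, "essay.txt")
    with open(essay, "w") as f:
        f.write("original text")
    box = FilePowerbox(scratch, chooser=lambda: essay)  # the user picks essay.txt
    rel = box.request_open()
    # Application side: it works only with the path it was told about.
    with open(os.path.join(scratch, rel), "a") as f:
        f.write(" + edits")
    with open(essay) as f:
        original_after = f.read()
    with open(os.path.join(scratch, rel)) as f:
        app_view = f.read()
    return rel, sorted(os.listdir(scratch)), original_after, app_view


if __name__ == "__main__":
    print(demo())
```

The application's edits land only on the copy in its scratch space; the user's original is unchanged, and a cancelled dialog grants nothing.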


