[OLPC Security] Application bundles and delegation
Mark Seaborn
mseaborn at cmedresearch.com
Fri Feb 9 09:39:39 EST 2007

On Thu, 2007-02-08 at 20:02 -0800, Ivan Krstić wrote:
> Ka-Ping Yee wrote:
> > I felt very encouraged upon reading the Bitfrost specification today.
> > Congratulations on what you've accomplished so far. It makes me very
> > glad to see the up-front acknowledgement, in your introduction, of the
> > key problem in security -- the wholesale granting of authority that
> > happens when applications "run as" users. When I saw Simson's name
> > and the O'Reilly book mentioned I was even more excited.
>
> A lot of my ideas about security really clicked together when I first
> read your SID paper many years ago. It's been a big inspiration for my
> work on Bitfrost, so thank you -- shoulders of giants.

Have you seen the other systems that have been influenced by that paper?
CapDesk, Polaris and Plash (the latter being my project) are the ones
that I am aware of.

The CapDesk people have been using the term "powerbox" to refer to a
file chooser that grants an application access to a file, which is what
is described in the P_DOCUMENT section in the Bitfrost spec:

> Instead, when a program wishes to open a user document, it asks the
> system to present the user with a 'file open' dialog. A copy-on-write
> version of the file that the user selects is also mapped into this
> scratch space -- in effect, the file just "appears", along with a
> message informing the program of the file's path within the scratch
> space.

(More specifically, this is a "file powerbox". CapDesk has other kinds
of powerboxes, such as a powerbox for installing an application, and a
"powerbar" for doing copy and paste.)

Can I suggest that you use the term "powerbox" as well? When a concept
has a name it is easier to refer to it, and also easier to see how the
idea spreads.

Cheers,
--
Mark Seaborn
Software Engineer
Cmed Technology Ltd.
Registered in England and Wales No. 3869835
Registered Office and Address for Communication:
Holmwood, Broadlands Business Campus,
Langhurstwood Road, Horsham, RH12 4QP, United Kingdom
E mseaborn at cmedresearch.com
W www.cmedresearch.com
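
The file powerbox flow from the quoted P_DOCUMENT text, modelled in Python as an added example that is not part of the original message and is not code from Bitfrost, CapDesk, Polaris or Plash. All class and function names are hypothetical; a callback stands in for the 'file open' dialog, a plain copy stands in for the copy-on-write mapping, and confinement of the application is modelled here rather than enforced by the operating system.

```python
import os
import shutil
import tempfile


class FilePowerbox:
    """Trusted side: the only component that reads the user's documents."""
    def __init__(self, documents_dir, choose):
        self._docs = documents_dir
        self._choose = choose      # callback standing in for the 'file open' dialog
        self._scratch = {}         # app id -> that app's private scratch directory

    def scratch_for(self, app_id):
        if app_id not in self._scratch:
            self._scratch[app_id] = tempfile.mkdtemp(prefix=app_id + "-")
        return self._scratch[app_id]

    def request_open(self, app_id):
        """The app passes no path; the user's choice is what designates the file."""
        names = sorted(n for n in os.listdir(self._docs)
                       if os.path.isfile(os.path.join(self._docs, n)))
        picked = self._choose(app_id, names)
        if picked not in names:    # cancelled (None) or not a listed document
            return None
        dst = os.path.join(self.scratch_for(app_id), picked)
        shutil.copyfile(os.path.join(self._docs, picked), dst)  # stands in for COW
        return picked              # the file's path within the scratch space


def run_app(app_id, powerbox):
    """Untrusted side: holds only its scratch directory and a powerbox reference."""
    scratch = powerbox.scratch_for(app_id)
    rel = powerbox.request_open(app_id)
    if rel is not None:
        with open(os.path.join(scratch, rel), "r+") as f:
            text = f.read()
            f.write(" (edited)")   # edits land on the scratch copy only
        return text, os.listdir(scratch)
    return None, os.listdir(scratch)


def demo(choice):
    docs = tempfile.mkdtemp(prefix="docs-")   # constructed sample documents
    for name, body in (("diary.txt", "private"), ("essay.txt", "homework")):
        with open(os.path.join(docs, name), "w") as f:
            f.write(body)
    text, visible = run_app("editor", FilePowerbox(docs, lambda app_id, names: choice))
    with open(os.path.join(docs, "essay.txt")) as f:
        return text, visible, f.read()
```

`demo("essay.txt")` returns the text the application read, the contents of its scratch directory, and the untouched original; only the file the user designated ever appears in the scratch space.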