Date: Fri, 14 Jan 2000 16:35:16 +0000 From: David Pick <D.M.Pick@qmw.ac.uk> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: freebsd-security@freebsd.org Subject: Re: Restructuring authorization checks to facilitate new security models Message-ID: <E1299gy-0005rl-00@xi.css.qmw.ac.uk> In-Reply-To: Your message of "Fri, 14 Jan 2000 08:08:25 EST." <Pine.BSF.3.96.1000113200906.33318B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
The subject/object model looks reasonable, but I suspect that some operations will turn out to have more than one object operand; for example a user/process (subject) mounting (operation) a file system (object) at a particular place in the already mounted filesystem (second object). I also suspect that the exact choice of which subject to use will not always be obvious; in my example will it be the user or the process? - the criteria about what object should "inherit" what capabilities from what object and be controlled by any ACLs tagged on to which object will be a good generator of (ahem) debate. -- David Pick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1299gy-0005rl-00>