| |||||||||||||
sandbox != capability access controlsandbox != capability access controlPosted May 19, 2006 3:40 UTC (Fri) by zooko (subscriber, #2589)In reply to: sandbox != capability access control by pimlott Parent article: .desktop files and security
Perhaps Alan Karp did use that terminology. Indeed, the first sentence of http://plash.beasts.org says "Plash is a system for sandboxing GNU/Linux programs.".
However, Plash (and Polaris) are doing something new that the Java sandbox paradigm did not do, namely dynamically extending the privileges available to the constrained code by observing what actions the user is asking the constrained code to perform.
We ought to use different terminology in order to make it clear to people that Plash and Polaris are not merely another attempt at implementing the failed Java sandbox paradigm. I've already made this suggestion in private e-mail to Mark Seaborn (of Plash). Now I'll make the same suggestion to Alan Karp.
Regards,
Zooko
(Log in to post comments)
sandbox != capability access control Posted Aug 9, 2006 18:41 UTC (Wed) by vonbrand (subscriber, #4458) [Link] This is nonsensical... expand the limits according to what the user asks to be expanded? I.e., allow dancing pigs if asked?
sandbox != capability access control Posted Aug 9, 2006 23:11 UTC (Wed) by zooko (subscriber, #2589) [Link] Indeed. The idea is to allow dancing pigs, without thereby also allowing theft or destruction of your data, illicit use of your network, etc.
See "Polaris" and "plash" for examples.
|
|||||||||||||