> In the papers and > studies published on the predecessors of SELinux (see the papers and > reports accessible via the links on > http://www.nsa.gov/selinux/background.html), > we've argued that capability-based systems are poorly suited for > enforcing security policies. To be more specific, I'm referring to the following papers and studies: The Flask Security Architecture: System Support for Diverse Security Policies, 8th USENIX Security Symposium, Aug 1999, http://www.nsa.gov/selinux/flask-abs.html Providing Policy Control Over Object Operations in a Mach Based System, 5th USENIX Security Symposium, June 1995, http://www.cs.utah.edu/flux/fluke/html/dtos/HTML/abstracts.html#usenix95 DTOS General System Security and Assurability Assessment Report, June 1997, http://www.cs.utah.edu/flux/fluke/html/dtos/HTML/technical-docs.html -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Apr 27 2001 - 12:30:14 PDT