On Wed, Jun 24, 2009 at 6:39 PM, Mark S. Miller <erights@google.com> wrote: > > [1] See for example the section on confused deputy in < > http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf>. I thought David Wagner's > Google techtalk explained "ambient authority" especially clearly <David > Wagner's Google techtalk>. Tyler's "ACLs Don't" <David Wagner's Google > techtalk> explains well how these problems translate into a web context. > Kragen Sitaker's < > http://lists.canonical.org/pipermail/kragen-tol/2000-August/000619.html> > is still worth reading for more than historic interest. Nine years later, we > are still discussing "defenses" that don't address the original problem. > > Oops. Weird copy-paste error. David Wagner's Google techtalk is at < http://www.youtube.com/watch?v=EGX2I31OhBE>. Tyler's "ACLs Don't" is at <http://waterken.sourceforge.net/aclsdont/>. -- Cheers, --MarkMReceived on Thursday, 25 June 2009 01:54:22 GMT
This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:31 GMT