zlacker

1. SamRei+(OP)[view] [source] 2014-10-09 04:28:50
Just pick one that gives the feature I described without being a pain to the user.
replies(1): >>Touche+T
2. Touche+T[view] [source] 2014-10-09 04:55:44
>>SamRei+(OP)
I know of no such models. Perhaps someone smarter than me has thought of them; that's why I asked the question initially.
replies(2): >>SamRei+h2 >>pjmlp+8e
3. SamRei+h2[view] [source] [discussion] 2014-10-09 05:38:09
>>Touche+T
Sandboxing. It's present on OS X.
replies(1): >>Touche+9n
4. pjmlp+8e[view] [source] [discussion] 2014-10-09 11:26:20
>>Touche+T
Sandboxing, where each process is only allowed to use a precise set of system resources.

Any attempt to use anything else leads to termination.

replies(1): >>Touche+3n
5. Touche+3n[view] [source] [discussion] 2014-10-09 13:42:59
>>pjmlp+8e
Which resources are they allowed to use? What defines which resources they are given?
replies(1): >>pjmlp+hu1
6. Touche+9n[view] [source] [discussion] 2014-10-09 13:44:02
>>SamRei+h2
I'm confused. The original person I responded to said that no desktop OSes had good security models. On OS X I can write a script that, when run as a user, has access to everything the user has access to. So what exactly are you talking about?
replies(1): >>SamRei+fC
7. SamRei+fC[view] [source] [discussion] 2014-10-09 16:02:43
>>Touche+9n
I'm talking about OS X sandboxing. The hypothetical PDF reader doesn't have access to the email.
8. pjmlp+hu1[view] [source] [discussion] 2014-10-10 06:46:15
>>Touche+3n
> Which resources are they allowed to use?

The system administrator at installation time.

> What defines which resources they are given?

Applications just have a request list of what they require.

If the administrator doesn't allow them for the given application modules (executable, dynamic library, function call, ...), bad luck.
