[cap-talk] Capability allegories
6 views
Skip to first unread message
Matt Rice
Feb 2, 2016, 1:00:24 PM2/2/16
to General discussions concerning capability systems.
Rob has shared the Rumpelstiltskin interpretation,
One of the examples i have used to explain the confused deputy,
is in Genesis (from the bible)
Eve in the story is both described as both helper, and tricked
it has the benefit of being both well known, and the word of god.
_______________________________________________
cap-talk mailing list
cap-...@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
One of the examples i have used to explain the confused deputy,
is in Genesis (from the bible)
Eve in the story is both described as both helper, and tricked
it has the benefit of being both well known, and the word of god.
_______________________________________________
cap-talk mailing list
cap-...@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
Mark S. Miller
Feb 2, 2016, 4:23:04 PM2/2/16
to General discussions concerning capability systems.
Unless I am missing something, I don't see how Eve is the story is a Confused Deputy, in the security sense of the term as coined and explained in Norm's paper <http://www.cis.upenn.edu/~KeyKOS/ConfusedDeputy.html>.
--
Cheers,
--MarkM
--MarkM
Matt Rice
Feb 2, 2016, 4:36:27 PM2/2/16
to General discussions concerning capability systems.
Yeah, it is a bit of a stretch, I should probably said its a well
known story that can be framed in capability terms.
A few points, that the order of the story matters...
god makes adam,
Revokes authority to the tree of knowledge of good and evil,
only then he knocks Adam out, and creates Eve from Adam's rib..
Then Eve gets tricked into taking the fruit, and sharing it with Adam.
It at least allows us to show that the access control that god used
was not transitive to eve (who was created *from* Adam)
known story that can be framed in capability terms.
A few points, that the order of the story matters...
god makes adam,
Revokes authority to the tree of knowledge of good and evil,
only then he knocks Adam out, and creates Eve from Adam's rib..
Then Eve gets tricked into taking the fruit, and sharing it with Adam.
It at least allows us to show that the access control that god used
was not transitive to eve (who was created *from* Adam)
William ML Leslie
Feb 2, 2016, 7:53:45 PM2/2/16
to General discussions concerning capability systems.
On 3 February 2016 at 08:36, Matt Rice <rat...@gmail.com> wrote:
> Yeah, it is a bit of a stretch, I should probably said its a well
> known story that can be framed in capability terms.
>
> A few points, that the order of the story matters...
>
> god makes adam,
> Revokes authority to the tree of knowledge of good and evil,
> only then he knocks Adam out, and creates Eve from Adam's rib..
> Then Eve gets tricked into taking the fruit, and sharing it with Adam.
How do you figure that God revoked Adam's access to the tree before he
> Yeah, it is a bit of a stretch, I should probably said its a well
> known story that can be framed in capability terms.
>
> A few points, that the order of the story matters...
>
> god makes adam,
> Revokes authority to the tree of knowledge of good and evil,
> only then he knocks Adam out, and creates Eve from Adam's rib..
> Then Eve gets tricked into taking the fruit, and sharing it with Adam.
ate from it? After all, it was Adam who was given the command, not
Eve. It'd be a bit pointless to give someone a command that they
couldn't violate.
But the real reason this analogy falls flat for me is that all the
actors here knew what they were doing. Not only does the punishment
not make sense if Adam didn't know what he was eating, but the guilty
excuse he makes, throwing his wife under the bus when he should have
taken responsibility, shows that he was complicit in that rebellion.
--
William Leslie
Notice:
Likely much of this email is, by the nature of copyright, covered
under copyright law. You absolutely MAY reproduce any part of it in
accordance with the copyright law of the nation you are reading this
in. Any attempt to DENY YOU THOSE RIGHTS would be illegal without
prior contractual agreement.
Matt Rice
Feb 2, 2016, 8:31:07 PM2/2/16
to General discussions concerning capability systems.
On Tue, Feb 2, 2016 at 4:53 PM, William ML Leslie
<william.l...@gmail.com> wrote:
> On 3 February 2016 at 08:36, Matt Rice <rat...@gmail.com> wrote:
>> Yeah, it is a bit of a stretch, I should probably said its a well
>> known story that can be framed in capability terms.
>>
>> A few points, that the order of the story matters...
>>
>> god makes adam,
>> Revokes authority to the tree of knowledge of good and evil,
>> only then he knocks Adam out, and creates Eve from Adam's rib..
>> Then Eve gets tricked into taking the fruit, and sharing it with Adam.
>
> How do you figure that God revoked Adam's access to the tree before he
> ate from it? After all, it was Adam who was given the command, not
> Eve. It'd be a bit pointless to give someone a command that they
> couldn't violate.
>
> But the real reason this analogy falls flat for me is that all the
> actors here knew what they were doing. Not only does the punishment
> not make sense if Adam didn't know what he was eating, but the guilty
> excuse he makes, throwing his wife under the bus when he should have
> taken responsibility, shows that he was complicit in that rebellion.
I should say that it represents a failure to confine as defined by
<william.l...@gmail.com> wrote:
> On 3 February 2016 at 08:36, Matt Rice <rat...@gmail.com> wrote:
>> Yeah, it is a bit of a stretch, I should probably said its a well
>> known story that can be framed in capability terms.
>>
>> A few points, that the order of the story matters...
>>
>> god makes adam,
>> Revokes authority to the tree of knowledge of good and evil,
>> only then he knocks Adam out, and creates Eve from Adam's rib..
>> Then Eve gets tricked into taking the fruit, and sharing it with Adam.
>
> How do you figure that God revoked Adam's access to the tree before he
> ate from it? After all, it was Adam who was given the command, not
> Eve. It'd be a bit pointless to give someone a command that they
> couldn't violate.
>
> But the real reason this analogy falls flat for me is that all the
> actors here knew what they were doing. Not only does the punishment
> not make sense if Adam didn't know what he was eating, but the guilty
> excuse he makes, throwing his wife under the bus when he should have
> taken responsibility, shows that he was complicit in that rebellion.
http://www.cap-lore.com/CapTheory/term.html
"An environment confines if state in the environment cannot get out
even with the coordinated efforts of code in and out of the
environment."
Adam was given the command not Eve, and yet Adam was still capable of
breaking the command through collusion with Eve...
I honestly don't really care about the details of the analogy so much
as the fact that
it stresses the age and importance of the problem
William ML Leslie
Feb 2, 2016, 9:11:16 PM2/2/16
to General discussions concerning capability systems.
On 3 February 2016 at 12:31, Matt Rice <rat...@gmail.com> wrote:
> On Tue, Feb 2, 2016 at 4:53 PM, William ML Leslie
> <william.l...@gmail.com> wrote:
>
> I should say that it represents a failure to confine as defined by
> http://www.cap-lore.com/CapTheory/term.html
Ok. But it's still not a very low-fat analogy. If it is too obvious
> On Tue, Feb 2, 2016 at 4:53 PM, William ML Leslie
> <william.l...@gmail.com> wrote:
>
> I should say that it represents a failure to confine as defined by
> http://www.cap-lore.com/CapTheory/term.html
to people that part of the premise is at odds with the original, they
get distracted and the analogy loses its explanatory power.
--
William Leslie
Notice:
Likely much of this email is, by the nature of copyright, covered
under copyright law. You absolutely MAY reproduce any part of it in
accordance with the copyright law of the nation you are reading this
in. Any attempt to DENY YOU THOSE RIGHTS would be illegal without
prior contractual agreement.
Reply all
Reply to author
Forward
0 new messages