Unix security additions
John F Haugh II
jfh at rpp386.cactus.org
Tue Mar 19 11:14:31 AEST 1991
In article <15996.27e4cf9a at levels.sait.edu.au> xtdn at levels.sait.edu.au writes:
>terryl at sail.LABS.TEK.COM writes:
>> according to this acquaintance, there is a concept of "secure" windows, (and
>> natch, there is also a concept of "non-secure" windows..) And one of the things
>> one can NOT do is "cut" from a "secure" window, and then "paste" into a "non-
>> secure" window. Can't have that "sensitive" guv`mint data released to the
>> masses, I guess.....
>
>Presumably one cannot TYPE in a non-secure window either? Can't have that
>"sensitive" guv`mint data typed by hand, either, can we?
At some point in time you ultimately have to trust the people who you
have given access to this data to. This is why it is permissible to
type from a higher level window to a lever level window - simply because
desk blotters and note pads lack MAC labels. As for why you can't have
cut and paste between windows, hell, seems like a completely arbitrary
restriction to me - provided the invoker has the authority to downgrade
information, that is. "downgrader" isn't exactly an authority that
should be tossed around, so maybe there is something to it ...
--
John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 832-8832 | GEnie PROHIBITED :-) | Domain: jfh at rpp386.cactus.org
"I've never written a device driver, but I have written a device driver manual"
-- Robert Hartman, IDE Corp.
More information about the Comp.unix.internals
mailing list