Subject: Re: kauth, securelevel, and "run levels"
To: None <email@example.com>
From: Steven M. Bellovin <firstname.lastname@example.org>
Date: 03/25/2006 13:07:22
On Sat, 25 Mar 2006 12:37:07 -0500, Thor Lancelot Simon
I like what you said, but I want to call attention to one point:
> As Kirk said to me years ago, the idea was to
> provide a simple, even provably-correct, means of dramatically limiting
> the extent of any system compromise
I'd like to retain the focus on "simple, even provably-correct". Any
new scheme should be high assurance.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb