Abstract | ||
---|---|---|
One of the challenges in modern systems is the conflict between the desire to run software from a wide variety of untrusted
sources and the need to prevent malicious activity by those scripts.
The current standard practice is to attempt to achieve this through permissions, but this has been shown repeatedly to fail
in a variety of ways. If permissions are made too granular, they become impossible to configure and so tend to become useless.
If they are less granular, loopholes appear through which malicious scripts can wriggle. In either case, providing useful
defaults whilst still providing security has proved to be a daunting (or, perhaps, judging on the evidence, impossible) task.
|
Year | DOI | Venue |
---|---|---|
2005 | 10.1007/978-3-540-77156-2_35 | Security Protocols Workshop |
Keywords | Field | DocType |
Safer scripting | Parse tree,Computer science,Computer security,SAFER,System call,Access control,Scripting language,Global variable | Conference |
Volume | ISSN | ISBN |
4631 | 0302-9743 | 3-540-77155-7 |
Citations | PageRank | References |
1 | 0.37 | 0 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Ben Laurie | 1 | 297 | 14.00 |
Frank Stajano | 2 | 1 | 1.05 |
George Danezis | 3 | 3130 | 226.61 |
Bruce Christianson | 4 | 15 | 8.58 |
Richard Clayton | 5 | 50 | 7.98 |