[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: trust [was Re: Open Xlock as root]



On Mon, 6 Dec 1999, Andrew Morgan wrote:

> Pavel Kankovsky wrote:
> >          1  trusted   2  trusted    untrusted
> > person ---- terminal --- X server --- xlock --- PAM library
> >               hw           3  |                   |  5
> >                           trusted ------------- trusted
> >                          GUI agent       4      PAM helper
> 
> So this has got me thinking. What would it take to implement trusted
> path in Linux? What would it look like if we did have it?

This chart assumes we have it. Anyway, I think it does not represent an
ideal approach for other reasons. I will send a mail about it later.

> From the discussion so far, we have:
> 
>    trusted programs (processes)
>    trusted channels (filedescriptors?)
>
> Are there other things?

We have both the nodes (processes) and the edges (channels). I do not
think anything else is needed. But I may be wrong. Of course, there are
two types of nodes: intermediate nodes that connect two (or
more?) channels, and the actual endpoints of the trusted path.

> What type of data can quantify trust? Is a single bit sufficient?

Well, the predicate saying that X trusts Y to Z is either true or
false for a given triple of arguments (unless we operate in some
nonstandard logic, e.g. fuzzy logic), therefore a single bit should be
sufficient to describe the quantity of trust. But not its quality
(i.e. the values of X, Y, Z).

> The type of trust we've talked about here are those surrounding the idea
> that we trust a data stream to faithfully represent the intentions of a
> real user. Are there any other applications of trusted path?

IMHO the primary guarantee the trusted path is supposed to provide
is that it will deliver the information to the intended (from the user's
pov) receiver only.


--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []