IOS Security model
[1/6] from: bry::itnisk::com at: 21-Sep-2004 9:56
-- Bryan Rasmussen I suppose Rebol IOS has to have a capability based security model, is there any documentation of that security model anywhere?
[2/6] from: robert::muench::robertmuench::de at: 21-Sep-2004 19:26
On Tue, 21 Sep 2004 09:56:09 +0200, Bryan Rasmussen <[bry--itnisk--com]> wrote:
What do you want to know exactly? Security on the wire or the security of the shared information? Robert
[3/6] from: bry::itnisk::com at: 22-Sep-2004 11:27
Security of the application is my primary question, if I go out and access a new reblet I suppose it must be running in some sort of sandbox that keeps an attacker from putting malicious reblets out there that can try to attack a user. So I'm wondering what the limitations of the sandbox are. What rules are in place to prevent attacks. -- Bryan Rasmussen Quoting "Robert M. Münch" <[robert--muench--robertmuench--de]>:
[4/6] from: SunandaDH::aol::com at: 22-Sep-2004 5:46
> I suppose Rebol IOS has to have a capability based security model, is
> any documentation of that security model anywhere?
There is an overview here: http://www.rebol.com/security.html Sunanda.
[5/6] from: bry::itnisk::com at: 23-Sep-2004 11:37
-- Bryan Rasmussen okay reading this: All local file accesses are restricted to local directories, sandboxes", that have been specified in advance. Any attempt to access files outside of the specified sandbox areas will pause the program and inform the user of the situation. The user is given the choice of terminating the program immediately." It's pretty clear that no further capability based security has been added other than that which rebol provides anyway. The description sounds sort of problematic to me, is this going to be the same user that opens .exe files in outlook and clicks open when asked if they really want to do that? From a minimal requirements perspective I'd think there would be possibilities to have administration of multiple IOS accounts by a corporate administrator who could set it to always fail if the sandbox was violated, with error logging. Also I suppose allowing extra capabilities to various reblets beforehand. The reason why I brought this up was because of the other thread on plugin security, I'd hoped that IOS had a rich capabilities system and it could somehow be adapted to the plugin. Quoting [SunandaDH--aol--com]:
[6/6] from: rotenca:telvia:it at: 23-Sep-2004 13:09
> It's pretty clear that no further capability based security has been added
> than that which rebol provides anyway. The description sounds sort of > problematic to me, is this going to be the same user that opens .exe files
> outlook and clicks open when asked if they really want to do that?
read herefor rebol http://www.rebol.com/docs/core23/rebolcore-2.html#section-2.4 and here for IOS http://www.reboltech.com/express/docs/user-admin.html#section-3 --- Ciao Romano