IOS Security model
[1/6] from: bry::itnisk::com at: 21-Sep-2004 9:56
--
Bryan Rasmussen
I suppose Rebol IOS has to have a capability based security model, is there any
documentation of that security model anywhere?
[2/6] from: robert::muench::robertmuench::de at: 21-Sep-2004 19:26
On Tue, 21 Sep 2004 09:56:09 +0200, Bryan Rasmussen <[bry--itnisk--com]> wrote:
> ...
What do you want to know exactly? Security on the wire or the security of
the shared information? Robert
[3/6] from: bry::itnisk::com at: 22-Sep-2004 11:27
Security of the application is my primary question, if I go out and access a new
reblet I suppose it must be running in some sort of sandbox that keeps an
attacker from putting malicious reblets out there that can try to attack a user.
So I'm wondering what the limitations of the sandbox are. What rules are in
place to prevent attacks.
--
Bryan Rasmussen
Quoting "Robert M. Münch" <[robert--muench--robertmuench--de]>:
[4/6] from: SunandaDH::aol::com at: 22-Sep-2004 5:46
Bryan:
> I suppose Rebol IOS has to have a capability based security model, is
there
> any documentation of that security model anywhere?
There is an overview here:
http://www.rebol.com/security.html
Sunanda.
[5/6] from: bry::itnisk::com at: 23-Sep-2004 11:37
--
Bryan Rasmussen
okay reading this:
All local file accesses are restricted to local directories,
sandboxes", that
have been specified in advance. Any attempt to access files outside of the
specified sandbox areas will pause the program and inform the user of the
situation. The user is given the choice of terminating the program
immediately."
It's pretty clear that no further capability based security has been added other
than that which rebol provides anyway. The description sounds sort of
problematic to me, is this going to be the same user that opens .exe files in
outlook and clicks open when asked if they really want to do that?
From a minimal requirements perspective I'd think there would be possibilities
to have administration of multiple IOS accounts by a corporate administrator who
could set it to always fail if the sandbox was violated, with error logging.
Also I suppose allowing extra capabilities to various reblets beforehand.
The reason why I brought this up was because of the other thread on plugin
security, I'd hoped that IOS had a rich capabilities system and it could somehow
be adapted to the plugin.
Quoting [SunandaDH--aol--com]:
[6/6] from: rotenca:telvia:it at: 23-Sep-2004 13:09
Hi,
> It's pretty clear that no further capability based security has been added
other
> than that which rebol provides anyway. The description sounds sort of
> problematic to me, is this going to be the same user that opens .exe files
in
> outlook and clicks open when asked if they really want to do that?
read herefor rebol
http://www.rebol.com/docs/core23/rebolcore-2.html#section-2.4
and here for IOS
http://www.reboltech.com/express/docs/user-admin.html#section-3
---
Ciao
Romano