Re: [PATCH] Revised extended attributes interface

Stephen C. Tweedie (sct@redhat.com)
Mon, 10 Dec 2001 16:15:33 +0000


Hi,

On Mon, Dec 10, 2001 at 11:00:06AM -0500, Mr. James W. Laferriere wrote:
>
> Hello Stephen , Is this the only attribution ?
> Just love those 'we won't share security info with you unless you
> are member or pay.' . Sorry , JimL

There are other references in the paper: I've appended them below.
One, in particular, seems to talk about quite similar concepts:

http://www.usenix.org/publications/library/proceedings/sec2000/acharya.html

Cheers,
Stephen

[1] NJS JavaScript Interpreter. http://www.bbassett.net/njs/.

[2] The OpenBSD Operating System. http://www.openbsd.org/.

[3] World Wide Web Consortium. http://www.w3.org/.

[4] Anurag Acharya and Mandar Raje. Map- box: Using parameterized
behavior classes to confine applications. In Proceedings of the 2000
USENIX Security Symposium, pages 1-17, Denver, CO, August 2000.

[5] Andrew Berman, Virgil Bourassa, and Erik Selberg. TRON:
Process-Specific File Protection for the UNIX Operating System. In
USENIX 1995 Technical Conference, New Orleans, Louisiana, January
1995.

[6] David Flanagan. JavaScript The De nitive Guide. O'Reilly, 1998.

[7] Tim Fraser, Lee Badger, and Mark Feldman. Hardening COTS Software
with Generic Software Wrappers. In Proceedings of the IEEE Symposium
on Security and Privacy, Oakland, CA, May 1999.

[8] Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. A
Secure Environment for Untrusted Helper Applications. In USENIX 1996
Technical Conference, 1996.

[9] Li Gong. Inside Java 2 Platform Security. Addison-Wesley, 1999.

[10] James Gosling, Bill Joy, and Guy Steele. The Java Language
Specification. Addison Wesley, Reading, 1996.

[11] http://www.cert.org/advisories/.

[12] Sotiris Ioannidis and Steven M. Bellovin. Sub-Operating Systems: A
New Approach to Application Security. Technical Report MS-CIS-01- 06,
University of Pennsylvania, February 2000.

[13] R. Kaplan. SUID and SGID Based Attacks on UNIX: a Look at One Form
of then Use and Abuse of Privileges. Computer Security Journal,
9(1):73-7, 1993.

[14] Jacob Y. Levy, Laurent Demailly, John K. Ousterhout, and Brent
B. Welch. The Safe-Tcl Security Model. In USENIX 1998 Annual Technical
Conference, New Orleans, Louisiana, June 1998.

[15] Gary McGraw and Edward W. Felten. Java Security: hostile applets,
holes and antidotes. Wiley, New York, NY, 1997.

[16] G. C. Necula and P. Lee. Safe, Untrusted Agents using
Proof-Carrying Code. In Lecture Notes in Computer Science Special
Issue on Mobile Agents, October 1997.

[17] Dan S. Wallach, Dirk Balfanz, Drew Dean, and Edward
W. Felten. Extensible Security Architectures for Java. In Proceedings
of the 16th ACM Symposium on Operating Systems Principles, October
1997.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/