by corank 462 days ago
> if a process were to expose a mechanism for other processes to essentially proxy keychain queries through it, that can undermine the security of the whole system.

This looks like a case of the confused deputy problem: https://en.wikipedia.org/wiki/Confused_deputy_problem

A capability-based design should be able to systematically prevent this kind of problem.

1 comments

> A capability-based design should be able to systematically prevent this kind of problem.

I think Entitlements could be considered a type of capability? And if so, then you're right on this point, as the solution was to require an entitlement to talk to the daemon itself.
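
The pattern discussed in this thread, as an added example that is not part of either comment and is not code from the system being discussed: a toy model of a daemon that proxies keychain queries under its own authority, with and without an entitlement check on the caller. All class names, the access group, the entitlement string and the secret are constructed placeholders.

```python
# Constructed model of the scenario in the thread; every name here is hypothetical.
from dataclasses import dataclass

class AccessDenied(Exception):
    pass

@dataclass(frozen=True)
class Process:
    name: str
    access_groups: frozenset = frozenset()  # keychain groups it may read directly
    entitlements: frozenset = frozenset()   # capabilities granted to the process

class Keychain:
    def __init__(self):
        self._items = {}
    def add(self, group, key, secret):
        self._items[(group, key)] = secret
    def query(self, caller, group, key):
        # The keychain only ever sees its immediate caller.
        if group not in caller.access_groups:
            raise AccessDenied(f"{caller.name} lacks access group {group}")
        return self._items[(group, key)]

class ProxyDaemon:
    """The deputy: a privileged process that answers keychain queries over IPC."""
    CLIENT_ENTITLEMENT = "example.keychain-proxy.client"  # placeholder name
    def __init__(self, keychain, identity, require_entitlement):
        self.keychain = keychain
        self.identity = identity
        self.require_entitlement = require_entitlement
    def handle(self, client, group, key):
        if self.require_entitlement and self.CLIENT_ENTITLEMENT not in client.entitlements:
            raise AccessDenied(f"{client.name} is not entitled to talk to the daemon")
        # The query runs under the daemon's authority, not the client's.
        return self.keychain.query(self.identity, group, key)

def attempt(fn, *args):
    """Return the secret, or the string 'denied' if access was refused."""
    try:
        return fn(*args)
    except AccessDenied:
        return "denied"

def build():
    """Create a keychain with one constructed item and the daemon's identity."""
    kc = Keychain()
    kc.add("system", "wifi", "constructed-secret")
    daemon_id = Process("daemon", access_groups=frozenset({"system"}))
    return kc, daemon_id
```

With `require_entitlement=False` a process with no access groups still obtains the item through the daemon; with `require_entitlement=True` the same request is refused before the keychain is consulted.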