|
|
|
|
|
|
by vacuity
440 days ago
|
|
|
Or capabilities. Additive security has been known for decades; Linux really dropped the ball here. Linux file descriptors (open file descriptions, whatever) are close to a genuine capability model, except there's plenty of leakage where you can get at the insecure base. |
|
|