Date: Mon, 10 Dec 2001 16:15:33 +0000
From: "Stephen C. Tweedie" <sct@redhat.com>
To: "Mr. James W. Laferriere" <babydr@baby-dragons.com>
Cc: "Stephen C. Tweedie" <sct@redhat.com>,
        "Peter J. Braam" <braam@clusterfs.com>, Nathan Scott <nathans@sgi.com>,
        Andreas Gruenbacher <ag@bestbits.at>, linux-kernel@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, linux-xfs@oss.sgi.com
Subject: Re: [PATCH] Revised extended attributes interface
Message-ID: <20011210161533.G1919@redhat.com>
In-Reply-To: <20011210155628.E1919@redhat.com> <Pine.LNX.4.40.0112101059020.7362-100000@filesrv1.baby-dragons.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <Pine.LNX.4.40.0112101059020.7362-100000@filesrv1.baby-dragons.com>; from babydr@baby-dragons.com on Mon, Dec 10, 2001 at 11:00:06AM -0500
Sender: linux-kernel-owner@vger.kernel.org

Hi,

On Mon, Dec 10, 2001 at 11:00:06AM -0500, Mr. James W. Laferriere wrote:
> 
> 	Hello Stephen ,  Is this the only attribution ?
> 	Just love those 'we won't share security info with you unless you
> 	are member or pay.' .  Sorry ,  JimL

There are other references in the paper: I've appended them below.
One, in particular, seems to talk about quite similar concepts:

http://www.usenix.org/publications/library/proceedings/sec2000/acharya.html

Cheers,
 Stephen

[1] NJS JavaScript Interpreter. http://www.bbassett.net/njs/.

[2] The OpenBSD Operating System. http://www.openbsd.org/.

[3] World Wide Web Consortium. http://www.w3.org/.

[4] Anurag Acharya and Mandar Raje. Map- box: Using parameterized
behavior classes to confine applications. In Proceedings of the 2000
USENIX Security Symposium, pages 1-17, Denver, CO, August 2000.

[5] Andrew Berman, Virgil Bourassa, and Erik Selberg. TRON:
Process-Specific File Protection for the UNIX Operating System. In
USENIX 1995 Technical Conference, New Orleans, Louisiana, January
1995.

[6] David Flanagan. JavaScript The De nitive Guide. O'Reilly, 1998.

[7] Tim Fraser, Lee Badger, and Mark Feldman. Hardening COTS Software
with Generic Software Wrappers. In Proceedings of the IEEE Symposium
on Security and Privacy, Oakland, CA, May 1999.

[8] Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. A
Secure Environment for Untrusted Helper Applications. In USENIX 1996
Technical Conference, 1996.

[9] Li Gong. Inside Java 2 Platform Security. Addison-Wesley, 1999.

[10] James Gosling, Bill Joy, and Guy Steele. The Java Language
Specification. Addison Wesley, Reading, 1996.

[11] http://www.cert.org/advisories/.

[12] Sotiris Ioannidis and Steven M. Bellovin. Sub-Operating Systems: A
New Approach to Application Security. Technical Report MS-CIS-01- 06,
University of Pennsylvania, February 2000.

[13] R. Kaplan. SUID and SGID Based Attacks on UNIX: a Look at One Form
of then Use and Abuse of Privileges. Computer Security Journal,
9(1):73-7, 1993.

[14] Jacob Y. Levy, Laurent Demailly, John K. Ousterhout, and Brent
B. Welch. The Safe-Tcl Security Model. In USENIX 1998 Annual Technical
Conference, New Orleans, Louisiana, June 1998.

[15] Gary McGraw and Edward W. Felten. Java Security: hostile applets,
holes and antidotes. Wiley, New York, NY, 1997.

[16] G. C. Necula and P. Lee. Safe, Untrusted Agents using
Proof-Carrying Code. In Lecture Notes in Computer Science Special
Issue on Mobile Agents, October 1997.

[17] Dan S. Wallach, Dirk Balfanz, Drew Dean, and Edward
W. Felten. Extensible Security Architectures for Java. In Proceedings
of the 16th ACM Symposium on Operating Systems Principles, October
1997.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/