Issue 650: Problems related to "local constrainedness" of Cresentials (2) (sec-rev) Source: (, ) Nature: Uncategorized Severity: Summary: Summary: In interface SecurityLevel2::AuditChannel operation audit_write, which has CredentialsList parameter. If problem is fixed, it appears in SecurityAdmin::AuditPolicy operation set_audit_channel Resolution: This issue was fixed in revision 1.2 Revised Text: Actions taken: August 1, 1997: received issue April 17, 1998: closed issue Discussion: End of Annotations:===== Return-Path: Sender: jis@fpk.hp.com Date: Fri, 01 Aug 1997 20:08:22 -0400 From: Jishnu Mukerji Organization: Hewlett-Packard New Jersey Laboratories To: sec-rev@omg.org Subject: Interesting problem to think about As a followup to this long draawn out discussion that has been going on about "locally constrained" objects, I decided to screen through the Security spec with a fine-toothed comb to see what kind of problems are lurking in there. My analysis so far shows that there are problems related to "local constrainedness" of Credentials in two places. They are: (2) In interface SecurityLevel2::AuditChannel operation audit_write, which has a CredentialsList parameter. If an attempt is made to fix this by saying that AuditChannel is locality constrained, then the problem appears in SecurityAdmin::AuditPolicy operation set_audit_channel. In both of these cases the intent is to pass the contents of a bunch of Credentials in a tamper-proof way to the target objects. These are cases where ideally a secure pass by value would be what one is looking for. Unfortunately, since that is not available, we will have to come up with something that actually works in a secure manner. This is a legitimate issue that needs to be addressed. Juergen, please add this to the list of issues. Thanks to Ken for asking all those questions about "locality constraint" and to all of you for your patience while we painfully figure all this out. Regards, Jishnu. --- Jishnu Mukerji Email: jis@fpk.hp.com Hewlett-Packard New Jersey Labs Tel: +1 973 443 7528 MS D283, 180 Park Avenue, Bldg 103, Fax: +1 973 443 7602 Florham Park NJ 07932-9998, USA.