Movatterモバイル変換

C-list (computer security)

From Wikipedia, the free encyclopedia

Incapability-based computer security, aC-list is anarray of capabilities, usually associated with aprocess and maintained by thekernel. The program running in the process does not manipulate capabilities directly, but refers to them viaC-list indexes—integers indexing into the C-list.

Thefile descriptor table inUnix is an example of a C-list. Unix processes do not manipulatefile descriptors directly, but refer to them via file descriptor numbers, which are C-list indexes.

In theKeyKOS andEROS operating systems, a process's capability registers constitute a C-list.^[1]

References

[edit]

^"Glossary". Cap-lore.com. 2000-01-19. Retrieved2019-07-08.

v t e Object-capability security
Concepts	Principle of least privilege (PoLP) Confused deputy problem Ambient authority File descriptor C-list Object-capability model Capability-based security Capability-based addressing Zooko's triangle Petnames
Operating systems, kernels	Capsicum Fuchsia Genode GNOSIS →KeyKOS →EROS → CapROS Hydra iMAX 432 Midori NLTSS seL4 HarmonyOS (HarmonyOS NEXT) Phantom OS
Programming languages	Caja–Cajita E Joe-E Joule
File systems	Tahoe-LAFS
Specialised hardware	BiiN Cambridge CAP CHERI Flex IBM System/38 Intel iAPX 432 Plessey System 250

Retrieved from "https://en.wikipedia.org/w/index.php?title=C-list_(computer_security)&oldid=1143591707"

Categories:

[8]ページ先頭

Movatterモバイル変換

See also

References