Homework Help is Here – Start Your Trial Now!
Engineering
Computer Science
5. Suppose a user wishes to edit the file xyzzy in a capability-based system. How the editor cannot access any other file? Could this be done in an ACL-based system? If so not?

5. Suppose a user wishes to edit the file xyzzy in a capability-based system. How the editor cannot access any other file? Could this be done in an ACL-based system? If so not?

Database System Concepts
Database System Concepts
7th Edition
ISBN:9780078022159
Author:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Chapter1: Introduction
Section: Chapter Questions
Problem 1PE
See similar textbooks
icon
Related questions
Question
5. Suppose a user wishes to edit the file xyzzy in a capability-based system. How can we ensure that the editor cannot access any other file? Could this be done in an ACL-based system? If so, how? If not, why not?
Transcribed Image Text:5. Suppose a user wishes to edit the file xyzzy in a capability-based system. How can we ensure that the editor cannot access any other file? Could this be done in an ACL-based system? If so, how? If not, why not?
Expert Solution
Step 1

The solution to the given question is:

In a feature-based system , permissions are set on files for specific processes. So when a user tries to edit a file (eg xyzzy) , only that file is granted read/write permission and only that single process. Cap(process(user)) = {xyzzy.{read, write, execute}}

Since the list of possibilities is only set for certain files and not access to other files , you can be sure that your users will only have access to xyzzy files.

This cannot be done on ACL based systems. There is no way to ensure that the editor cannot access any file other than intended one. This is because permissions are granted based on user , group and entity permissions in the ACL system. Users can access different files depending on the groups in which they are listed. Even if a user is only granted access to xyzzy files , they can access some other files depending on the group's permissions.

steps

Step by step

Solved in 2 steps

SEE SOLUTIONCheck out a sample Q&A here
Blurred answer
Knowledge Booster
Software Systems
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.
Recommended textbooks for you
Database System Concepts
Database System Concepts
Computer Science
ISBN:
9780078022159
Author:
Abraham Silberschatz Professor, Henry F. Korth, S. Sudarshan
Publisher:
McGraw-Hill Education
Starting Out with Python (4th Edition)
Starting Out with Python (4th Edition)
Computer Science
ISBN:
9780134444321
Author:
Tony Gaddis
Publisher:
PEARSON
Digital Fundamentals (11th Edition)
Digital Fundamentals (11th Edition)
Computer Science
ISBN:
9780132737968
Author:
Thomas L. Floyd
Publisher:
PEARSON
C How to Program (8th Edition)
C How to Program (8th Edition)
Computer Science
ISBN:
9780133976892
Author:
Paul J. Deitel, Harvey Deitel
Publisher:
PEARSON
Database Systems: Design, Implementation, & Manag…
Database Systems: Design, Implementation, & Manag…
Computer Science
ISBN:
9781337627900
Author:
Carlos Coronel, Steven Morris
Publisher:
Cengage Learning
Programmable Logic Controllers
Programmable Logic Controllers
Computer Science
ISBN:
9780073373843
Author:
Frank D. Petruzella
Publisher:
McGraw-Hill Education
SEE MORE TEXTBOOKS