On Mon, Dec 10, 2001 at 11:00:06AM -0500, Mr. James W. Laferriere wrote:
> Hello Stephen , Is this the only attribution ?
> Just love those 'we won't share security info with you unless you
> are member or pay.' . Sorry , JimL
There are other references in the paper: I've appended them below.
One, in particular, seems to talk about quite similar concepts:
[1] NJS JavaScript Interpreter. http://www.bbassett.net/njs/.
[2] The OpenBSD Operating System. http://www.openbsd.org/.
[3] World Wide Web Consortium. http://www.w3.org/.
[4] Anurag Acharya and Mandar Raje. Map- box: Using parameterized
behavior classes to confine applications. In Proceedings of the 2000
USENIX Security Symposium, pages 1-17, Denver, CO, August 2000.
[5] Andrew Berman, Virgil Bourassa, and Erik Selberg. TRON:
Process-Specific File Protection for the UNIX Operating System. In
USENIX 1995 Technical Conference, New Orleans, Louisiana, January
[6] David Flanagan. JavaScript The De nitive Guide. O'Reilly, 1998.
[7] Tim Fraser, Lee Badger, and Mark Feldman. Hardening COTS Software
with Generic Software Wrappers. In Proceedings of the IEEE Symposium
on Security and Privacy, Oakland, CA, May 1999.
[8] Ian Goldberg, David Wagner, Randi Thomas, and Eric A. Brewer. A
Secure Environment for Untrusted Helper Applications. In USENIX 1996
Technical Conference, 1996.
[9] Li Gong. Inside Java 2 Platform Security. Addison-Wesley, 1999.
[10] James Gosling, Bill Joy, and Guy Steele. The Java Language
Specification. Addison Wesley, Reading, 1996.
[11] http://www.cert.org/advisories/.
[12] Sotiris Ioannidis and Steven M. Bellovin. Sub-Operating Systems: A
New Approach to Application Security. Technical Report MS-CIS-01- 06,
University of Pennsylvania, February 2000.
[13] R. Kaplan. SUID and SGID Based Attacks on UNIX: a Look at One Form
of then Use and Abuse of Privileges. Computer Security Journal,
9(1):73-7, 1993.
[14] Jacob Y. Levy, Laurent Demailly, John K. Ousterhout, and Brent
B. Welch. The Safe-Tcl Security Model. In USENIX 1998 Annual Technical
Conference, New Orleans, Louisiana, June 1998.
[15] Gary McGraw and Edward W. Felten. Java Security: hostile applets,
holes and antidotes. Wiley, New York, NY, 1997.
[16] G. C. Necula and P. Lee. Safe, Untrusted Agents using
Proof-Carrying Code. In Lecture Notes in Computer Science Special
Issue on Mobile Agents, October 1997.
[17] Dan S. Wallach, Dirk Balfanz, Drew Dean, and Edward
W. Felten. Extensible Security Architectures for Java. In Proceedings
of the 16th ACM Symposium on Operating Systems Principles, October
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Dec 15 2001 - 21:00:17 EST