POLA

From Erights

Revision as of 00:57, 20 September 2008 by Kevin Reid

POLA can stand for principle of least authority or principle of least access.

The principle is to give programs (or any other active agent) only the minimum authority sufficient to perform the task the invoker intends for them.

The benefit we claim for capabilities is that they make it practical to apply POLA everywhere, whereas current access-control systems are too coarse, too difficult to configure, or don't carry enough information to make proper run-time decisions, so that in practice the only feasible option is to grant far too much authority.

Our traditional anti-example is the Solitaire game in Windows. The game only needs authority to open one window, draw to it, receive the events directed at that window, and read and write one file holding the high scores; but what it gets is all the authority bundled into the user account it runs under (as does every other program running in that account).
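As an added illustration (Python, written for this page, not code from the E project or the original wiki text), the Solitaire example in object-capability style: the launcher holds the user's full authority and hands the game a single facet that can only read and write the high-score file, while a leaderboard display gets a further-attenuated read-only facet. Python itself does not enforce the confinement (the game could still import os), so the example shows the discipline capabilities make natural rather than a sandbox; the file name and directory are constructed for the demo.

```python
import json
import os
import tempfile


class HighScoreFile:
    """Capability confined to one path. A reference to this object is all the
    authority the game needs to persist scores; no other file, directory or
    even the path string is reachable through it."""
    def __init__(self, path):
        self._path = path  # private; no method reveals or changes it

    def load(self):
        if not os.path.exists(self._path):
            return []
        with open(self._path) as f:
            return json.load(f)

    def save(self, scores):
        with open(self._path, "w") as f:
            json.dump(scores, f)


def read_only(scores_cap):
    """Attenuation: a narrower facet with only load(), for a leaderboard
    display that has no business writing scores."""
    class ReadOnlyScores:
        def load(self):
            return scores_cap.load()
    return ReadOnlyScores()


def play_solitaire(scores_cap, new_score):
    """The game receives no filename, directory handle or open(); it can do
    exactly what the single capability it was handed allows."""
    scores = scores_cap.load()
    scores.append(new_score)
    scores.sort(reverse=True)
    scores_cap.save(scores[:5])  # keep the top five
    return scores[:5]


def launch(workdir=None):
    """The launcher holds the user's full authority and hands each component
    only the facet it needs (constructed temp dir so the demo runs offline)."""
    workdir = workdir or tempfile.mkdtemp()
    cap = HighScoreFile(os.path.join(workdir, "highscores.json"))
    play_solitaire(cap, 120)
    top = play_solitaire(cap, 90)
    viewer = read_only(cap)
    surface = lambda o: [n for n in dir(o) if not n.startswith("_")]
    return top, viewer.load(), surface(cap), surface(viewer)
```

The returned surfaces make the point concrete: the game can reach only load and save, the viewer only load, and neither can name or open anything else.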

This page is a stub; it should be expanded with more information. If doing so, check the original E web site and the mailing list archives for content which could be moved into this page.