Linked by David Adams on Fri 10th Jun 2005 15:25 UTC, submitted by tm
Bugs & Viruses Many virus attacks aren't really exploiting weaknesses in your operating sytem: they're simply tricking you into telling the OS to do things that it shouldn't do. The OS is just doing its job, executing code when you say so. Researchers at HP Labs are working on a solution to this problem using the Principle of Least Authority, or POLA -- "limiting the rights of each program to only the ones needed for the job the user wants done"
Permalink for comment
To read all comments associated with this story, please click here.
What's new?
by Haugland on Mon 13th Jun 2005 13:46 UTC

Protection systems like this have been around for a long time. The first example I know of is "TRON" from 1995 (http://www.selberg.org/~speed/papers/tron/tron/tron.html).

The problem is not the protection mechanisms, but how to make them easy to administer for the admins and users. If the users have to struggle to make things work, they will rather suffer from the occational virus.

What is needed is a system, on the OS level, which can manage installation of programs, and the assignment of privileges/capabilities to these programs. When the protection mechanisms are easy to use they will be widespread.