Most software we write has the ability to do essentially anything: open sockets, spawn processes, perform long blocking computation, read arbitrary objects in memory, et cetera. Most tools for limiting what applications can do are opt-in, and many of them are complex to use. This has important security implications: software can often be tricked into abusing privileges that it never needed in the first place. The object-capability model is an alternative security model that reasons about capabilities as first-class objects. In this talk, we’ll explore what object-capability security is, why we’re not all using it already, and how we can leverage its ideas to materially improve the security of the projects we maintain today and start tomorrow.
Video: PyCon PL 2015, Laurens van Houtven, "Object capability security". Added by PyCon PL on 16 March 2016.
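To make the contrast in the abstract concrete, here is an added example (not taken from the talk) in which the same note-saving routine is written once with ambient authority and once receiving its authority as an object. `DirCap`, `WriteCap`, and both `save_note_*` functions are hypothetical names, and the hostile file name is constructed.

```python
import os
import tempfile
# Added illustration; every name below is hypothetical, not from the talk.

def save_note_ambient(base_dir, name, text):
    """Ambient-authority style: the function can open any path the process can."""
    path = os.path.join(base_dir, name)  # name is trusted to stay inside base_dir
    with open(path, "w") as fh:
        fh.write(text)
    return os.path.realpath(path)

class DirCap:
    """Capability to create files directly inside one directory, nothing else."""
    def __init__(self, root):
        self._root = os.path.realpath(root)

    def writer(self, name):
        # Attenuation: only plain child names are honoured, so a holder of this
        # object cannot name anything outside the directory it was granted.
        if name in ("", ".", "..") or os.path.basename(name) != name:
            raise PermissionError(f"not a child of this directory: {name!r}")
        return WriteCap(os.path.join(self._root, name))

class WriteCap:
    """Capability to overwrite exactly one file."""
    def __init__(self, path):
        self._path = path
    def write(self, text):
        with open(self._path, "w") as fh:
            fh.write(text)
        return self._path

def save_note_cap(notes, name, text):
    """Capability style: authority arrives only through the `notes` argument."""
    return notes.writer(name).write(text)

def demo():
    """Return (ambient write escaped?, capability refused?) for a constructed name."""
    with tempfile.TemporaryDirectory() as top:
        notes_dir = os.path.join(top, "notes")
        os.mkdir(notes_dir)
        hostile = os.path.join("..", "outside.txt")  # constructed input
        written = save_note_ambient(notes_dir, hostile, "x")
        escaped = os.path.dirname(written) != os.path.realpath(notes_dir)
        try:
            save_note_cap(DirCap(notes_dir), hostile, "x")
        except PermissionError:
            return escaped, True
        return escaped, False
```

Python does not enforce this encapsulation (`_root` is still reachable and `open` is still importable), so in plain Python the pattern is a design discipline that narrows what each component is handed, not a sandbox.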