The Center for Education and Research in Information Assurance and Security (CERIAS)

The Safe-Tcl Security Model

Author

John K. Ousterhout, Jacob Y. Levy, Brent B. Welch

Entry type

inproceedings

Abstract

Safe-Tcl is a mechanism for controlling the execution of programs written in the Tcl scripting language. It allows untrusted scripts (applets) to be executed while preventing damage to the environment or leakage of private information. Safe-Tcl uses a padded cell approach: each applet is isolated in a safe interpreter where it cannot interact directly with the rest of the application. The execution environment of the safe interpreter is controlled by trusted scripts running in a master interpreter. Safe-Tcl provides an alias mechanism that allows applets to request services from the master interpreter in a controlled fashion. Safe-Tcl allows a variety of security policies to be implemented even within a single application, and it supports both policies that authenticate incoming scripts and those that do not.

Date

1997

Address

Mountain View, California, USA

Key alpha

Ousterhout

Publisher

Sun Microsystems Laboratories

Affiliation

Sun Microsystems Laboratories

Publication Date

1997-00-00

Contents

1 Introduction
2 Overview of Tcl
3 Security Issues
4 Safe Interpreters, Aliases, and Hidden Commands
5 Security Policies
6 Using Authentication
7 Multiple Applets
8 Denial-of-Services Attacks
9 Status
10 Related Work
11 Conclusions
12 Acknowledgements
13 References
14 About the Authors

Copyright

1997

Language

English

Location

A hard-copy of this is in the Papers Cabinet
