Capability vs ACL models of security

J.D. Fagan (jfagan@2bridge.com)
Mon, 13 Jul 1998 15:48:09 -0700

From: "J.D. Fagan" <jfagan@2bridge.com>
To: <java-security@java.sun.com>
Subject: Capability vs ACL models of security
Date: Mon, 13 Jul 1998 15:48:09 -0700

http://www.communities.com/company/papers/security/index.html

What are your thoughts about this URL's claim that Java is not secure
enough? Is this based on JDK 1.1 or 1.2 in your opinion? And do you think
that Capability based security is better approach than ACL security? Am I
correct in assuming that the ACL model is used in JDK 1.2, correct?

Thanks for any feedback,

J.D. Fagan
2Bridge Software