"Ronald L. Rivest" <[EMAIL PROTECTED]> writes: > What is "aperture minimization"? That's a new term for me... > Never heard of it before. Google has never seen it either... > > (Perhaps others on the list would be curious as well...)
I'm sure you have heard of it, just under other names. The term "aperture minimization" really just means that -- keeping the potential opening that can be attacked minimized. If you have only a tiny piece of trusted code, it is easier to fully audit than if you have a large piece of trusted code. If you have only a brief period when you have privileges asserted, there is less scope for hijacking a program than if it asserts privileges at all times. If your system can send general SQL queries to the database server, someone hijacking it can do the same, but if you can only send very limited canned queries by an ad hoc protocol the hijacker has less scope for mischief. Thus, aperture minimization: narrow the window (aperture) and less stuff can get through it. Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
