On Jul 24, 2008, at 4:20 PM, Matthew Dillon wrote:
I think the best way to approach the problem is to work out the
desired
userland API first... find the easiest and most convenient way to
wrap
an application, what kind of features are desired, etc, and then
implement it.
I think Szilveszter Adam was right to point out that any such system
needs to work with the user, and support what the user needs in a way
that fits well with they interact with an application. Rather than
being the easiest and most convenient (for the developer), the API
should be the simplest means to provide what the user needs. That may
have been what you meant when you said "what kinds of features are
desired", though.
There's a great book that covers a wide range of security and
usability topics called *Security and Usability: Designing Secure
Systems That People Can Use*, by Cranor and Garfinkel. I highly
recommend it.
http://books.google.com/books?id=wDVhy9EyEAEC&dq=lorrie+faith+cranor+simson+garfinkel+usable+security&pg=PP1&ots=BOKHuIHr2u&sig=e-DoE4ap0ldkxffFqUs8LaROmYc&hl=en&sa=X&oi=book_result&resnum=1&ct=result
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
