Insight gained from reading a paper titled "ACLs don't" that is really obvious in retrospect:

the confused deputy problem happens exactly because authority-based systems care about the authority of whoever directly performs an operation, and that intuition/model breaks when there's a *delegation*, i.e. with deputies.

It would be possible to deal with simple delegation, but it won't work when there are multiple levels of it or when there are complex delegation graphs.

@bugaevc Do you have a link to this paper? Sounds quite interesting.

Sign in to participate in the conversation
Mastodon for Tech Folks

This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either! We adhere to an adapted version of the TootCat Code of Conduct and follow the Toot Café list of blocked instances. Ash is the admin and is supported by Fuzzface, Brian!, and Daniel Glus as moderators. Hosting costs are largely covered by our generous supporters on Patreon – thanks for all the help!