How can I find more information on the WinFS security model? I would like to
know in detail how it works. I am specifically concerned with how malware is
handled. Currently, if I run an application, it has the same rights to
access the same files that I do. This has to go.
It seems the capability security model
(
http://www.skyhunter.com/marcs/capabilityIntro/) is ideal for solving this
issue. I do not know whether Microsoft has taken this route. The most
sticky issue with capabilities is configuration. Somehow the user must tell
each application what it can and cannot access. This could probably be
solved with security templates for different types of applications. The user
would have to apply the security template that they thought this application
should be allowed to have, upon installing it. If they install spyware, they
would not apply a template that let it send things out to the internet.
But I would like to see how Microsoft has done things, to see if it
satisfies my concerns for preventing malware problems.