blob: 7a2003f6d365e094898bd0a5530fc424095da749 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
(.module:
[library
[lux "*"
["$" documentation {"+" [documentation:]}]
[data
[text {"+" [\n]}
["%" format {"+" [format]}]]]
[macro
["[0]" template]]]]
[\\library
["[0]" /]])
(documentation: (/.Policy brand value %)
"A security policy encoded as the means to 'upgrade' or 'downgrade' in a secure context.")
(documentation: (/.Can_Upgrade brand % value)
"Represents the capacity to 'upgrade' a value.")
(documentation: (/.Can_Downgrade brand % value)
"Represents the capacity to 'downgrade' a value.")
(documentation: (/.Privilege brand %)
"Represents the privilege to both 'upgrade' and 'downgrade' a value.")
(documentation: (/.Delegation brand %from %to)
"Represents the act of delegating policy capacities.")
(documentation: /.delegation
"Delegating policy capacities."
[(delegation downgrade upgrade)])
(documentation: (/.Context brand scope %)
"A computational context with an associated policy privilege.")
(documentation: /.with_policy
"Activates a security context with the priviledge to enforce it's policy."
[(type: Password
(Private Text))
(type: (Policy %)
(Interface
(: (-> Text (Password %))
password)
(: (-> (Password %) Text)
unsafe)))
(def: (policy _)
(Ex (_ %) (-> Any (Policy %)))
(with_policy
(: (Context Privacy Policy)
(function (_ (^open "%::."))
(implementation
(def: (password value)
(%::can_upgrade value))
(def: (unsafe password)
(%::can_downgrade password)))))))]
[(with_policy context)])
(documentation: /.Privacy
(format "A security context for privacy."
\n "Private data is data which cannot be allowed to leak outside of the programmed."))
(documentation: /.Safety
(format "A security context for safety."
\n "Safe data is data coming from outside the program which can be trusted to be properly formatted and lacking injections."))
(.def: .public documentation
(.List $.Module)
($.module /._
""
[..Policy
..Can_Upgrade
..Can_Downgrade
..Privilege
..Delegation
..delegation
..Context
..with_policy
..Privacy
..Safety
($.default /.functor)
($.default /.apply)
($.default /.monad)
($.default /.Private)
($.default /.Can_Conceal)
($.default /.Can_Reveal)
($.default /.Safe)
($.default /.Can_Trust)
($.default /.Can_Distrust)]
[]))
|