What is whitelist and blacklist data?

前端 未结 5 820
离开以前
离开以前 2021-02-18 13:31

I was reading about development of XPCOM component. I came across these terms called whitelist data and blacklist data, I tried to find out on google but couldn\'t .. I do not

5条回答
  •  遇见更好的自我
    2021-02-18 13:55

    Bruce Schneier has an excellent explanation of black-list vs. white-list in context of computer security: https://www.schneier.com/blog/archives/2011/01/whitelisting_vs.html.

    Physical security works generally on a whitelist model: if you have a key, you can open the door; if you know the combination, you can open the lock. We do it this way not because it's easier -- although it is generally much easier to make a list of people who should be allowed through your office door than a list of people who shouldn't--but because it's a security system that can be implemented automatically, without people.

    To find blacklists in the real world, you have to start looking at environments where almost everyone is allowed. Casinos are a good example: everyone can come in and gamble except those few specifically listed in the casino's black book or the more general Griffin book. Some retail stores have the same model -- a Google search on "banned from Wal-Mart" results in 1.5 million hits, including Megan Fox -- although you have to wonder about enforcement. Does Wal-Mart have the same sort of security manpower as casinos?

提交回复
热议问题