ACM SIGOPS Operating Systems Review
General-purpose, commercial software platforms are increasingly used as system building blocks, even for dependable systems. One reason for their generality, usefulness, and popular adoption is that these software platforms can evolve through ad hoc extensions: behavior tweaks outside the scope of supported platform interfaces. Unfortunately, such use of internal platform implementation details is fundamentally incompatible with security and reliability. Even so, platforms that exclude ad hoc extensions---for instance, by enforcing full isolation and strict interfaces---will, most likely, either have their security enforcement circumvented or be relegated to a niche market. In this paper, we identify ad hoc extensions as well as the economic and technical factors surrounding their existence. Subsequently, we propose the enforcement of novel access-control policies for reconciling ad hoc extensibility with security and reliability.
Erlingsson, Úlfar and MacCormick, John P., "Ad hoc Extensibility and Access Control" (2006). Dickinson College Faculty Publications. Paper 666.