Jonathan S. Shapiro
Mon, 17 Jul 2000 15:51:44 -0400
> I am unclear about the meaning of "The password can apply to the entire
> capability.". I presume that by "password capability system" you mean one
> where all the bits are visible to the program, be they UIDs or "secret
I meant that the object identity need not be kept in the clear. The password
(or secret key) can protect both the object identity and the permissions
> Trying to reconstruct the Monash magic years later it occurred to me that
> program confined by the XOR trick would be likely to have the same
> capability C in the form C and also C xor S. This would reveal likely
> candidates for S, the confining secret.
> Is the Monash magic online somewhere that you know of?
Only the Pose paper. However, note that the value C xor S is never present
in application memory in that design. Therefore, I believe this is not a