[cap-talk] keeping discussion on cap-talk - network capabilities, etc.

Ben Laurie ben at algroup.co.uk
Thu Nov 4 17:37:29 EST 2004 

Jed at Webstart wrote:
> Finally, with regard to Toby's:
> 
>>> NOTE: this also means that any caps given to this process can't be 
>>> (usefully) passed on, since they won't be usable to any other process 
>>> (since keys are randomly generated by the system). 
>>...
>>
> 
> and Ben's response:
> 
>>The argument I would use,
>>then, is that the process doesn't, in this 
>>case, have the capabilities, it merely has keys to them. This is exactly 
>>how capabilities work in EROS.
>>
>>So, this isn't really a "caps-as-data"
>>system.
>>
> 
> I believe that the most useful way of using the term "capability" is as
> anything that grants the right to use a resource.  The particular
> form and associated mechanisms used for communicating capabilities
> are part of the capability protocol - whether partitioned as in classical
> c-list systems, tagged architectures, or more open ended capabilities
> as data.
> 
> How then can I interpret the above statement that a process "doesn't ...
> have the capabilities, it merely has keys to them."?
> 
> Does it have the right to access the resource?  If so
> then it has the "capability."  If not, then not.

Indeed, I would agree with this. The distinction I was trying to draw 
was whether it had capabilities as data or access to capabilities 
through some other mechanism. I used the term "keys" to indicate that 
what the process holds is a designator for the capability, interpretable 
by the OS, and confined to the process (should the OS so choose).

> I hope I'm not isolating myself on a terminological
> limb.  If there isn't general agreement on this point
> then it seems to me the whole notion of things like
> "password" capabilities or capabilities as data, etc.
> must be oxymorons to those who demand a more limited
> definition of the term "capability."

I was being imprecise. I thought it was obvious what I meant from the 
context, but clearly I was wrong.

I think we all agree with the terminology. I certainly hope so!

Cheers,

Ben.

-- 
ApacheCon! 13-17 November! http://www.apachecon.com/

http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

More information about the cap-talk mailing list