[cap-talk] ... enforcement - hope? Capabilities as clumsy, not
Jed Donnelley
jed at nersc.gov
Mon Sep 27 18:02:44 EDT 2004
At 02:18 PM 9/27/2004, Ian Grigg wrote:
>Jed Donnelley wrote:
>
>>I'm starting to wonder if there are some sort of capability
>>implementations that I'm unaware of that are raising this
>>concern about the cost for use of capabilities.
>
>There is an "inside" versus "outside" barrier to
>overcome, which Tyler so eloquently put as a claim
>that only a master programmer need apply.
Sorry, I don't follow you in the above comment.
Could you elaborate a bit? Do you mean the design
issue of picking a granularity for objects that was
discussed in response to Tyler's message?
>That, and the absence of an easy way to get coding
>with caps, are the two things that I see as the
>costs.
Hmmm. I wonder if there' a significant difference in
this area between the capabilities as data model of
capabilities (e.g. passwords imbedded in descriptors
or encrypted blocks, e.g. as in:
http://www.webstart.com/jed/papers/Managing-Domains/
) and the capabilities as managed in a system supported
c-list model? I don't see how programming capabilities as
data could be any different than dealing with any other
data structure. Am I right then as reading this concern
only as related to capabilities when supported in c-lists?
Even with capabilities in c-lists I think there shouldn't be
much difference from the issues of dealing with any other
sort of system supported resource (e.g. like an open file
descriptor).
>(I know that people have tried to overcome these
>issues.)
I would like to understand these issues better. Perhaps
somebody could point me to a paper discussing how
some people have tried to overcome these issues?
--Jed http://www.webstart.com/jed/
More information about the cap-talk
mailing list