[cap-talk] SCOLL : A Language for Safe Capability Based Collaboration
Mark Miller
markm at cs.jhu.edu
Tue Jul 19 18:26:02 EDT 2005

Yves Jaradin wrote:
> SCOLL : A Language for Safe Capability Based Collaboration

This is very exciting! Some quick comments:

In the introductory material, you use the terms "mandatory" and
"discretionary" several times. What do you think these terms mean? As used by
the computer security literature, I don't think they mean anything coherent.
If you agree, then you should drop these terms from the paper.

Btw, if we use Saltzer & Schroeder's definition of "discretionary":

> Our discussion [...] rested on an unstated assumption: the principal that
> creates a file or other object in a computer system has unquestioned authority
> to authorize access to it by other principals. [...] We may characterize this
> control pattern as discretionary.

but substitute "subject" for "principal", then object-capabilities are clearly
*not* discretionary. I think your paper implies that they are.

What's the "LP Calculus"? It's mentioned for the first time on p7 with no
citation:

> The SCOLL language is a subset of the LP calculus extended with search.

--
Text by me above is hereby placed in the public domain

Cheers,
--MarkM