[cap-talk] The Cascade Problem viewed as a Permission vs. Authority Distinction
John Carlson
john.carlson3 at sbcglobal.net
Wed May 24 02:14:07 EDT 2006
I think some ideas that have floated around here are that the right
to communicate a capability
is basically given when you give someone a capability. Don't share
capabilities unless you
want them communicated. Proxying will happen whether you want it to
or not. For Access Control
systems, this means you get a sys admin to type in some things they
don't have a clue what
it does. If I give you a portion of a capability to do your job,
then that is the correct thing to do.
( say a write capability w/o read capability).
I'm not some great capability theorist, so someone else can chime in
here.
John
More information about the cap-talk
mailing list