[cap-talk] Manipulating an object with a secondary reference
Rob J Meijer
rmeijer at xs4all.nl
Tue Nov 14 03:33:03 CST 2006
I'm not sure how relevant this is, but would a basic dual key lock
not be a simple alternative?
Just define a DualKeyLock class that takes 3 references for its
construction DualKeyLock(key1,key2,guarded) that are kept in mKey1,mKey2
and mGuarded, and than implements a method unlock(key1,key2) that simply
((key1 == mKey1)&&(key2 == mKey2))||((key1 == mKey2)&&(key2 == mKey1))
and on success returns mGuarded. You can give the key objects a reference
to their DualKeyLock reference in order to find peer keys in a large set
> Yes, that looks about right. Thanks!
>> >Should you just dig through your own
>> >capabilities hunting for an applicable one?
>> As mentioned at the cap-lore link, you could do that, but
>> capability systems implement other mechanisms to do the
>> equivalent more efficiently.
> I did a bounded depth first search of sorts from that link, and it helped
> lot, but I'm still a bit unclear on how you actually implement a
> synergy-style rights amplification mechanism -- i.e. how you implement the
> magic black box that can pull out a more powerful capability. Do you do
> things like have a method on the weaker capability that takes in a
> partner" capability, does some sort of equality or instance-of test on it,
> and then returns the more powerful facet of itself?
> "In summary the domain creator performs synergy by invoking a synergy
> function of a more primitive object. In general this pattern continues
> an object, such as a kernel object, is reached that is not constrained by
> capability discipline. Such programs are generally entrusted to enforce
> discipline." from http://www.cap-lore.com/CapTheory/Synergy.html leaves me
> little unclear as to how this recursion bottoms out! :)
> cap-talk mailing list
> cap-talk at mail.eros-os.org
More information about the cap-talk