[cap-talk] Manipulating an object with a secondary reference

Mark S. Miller markm at cs.jhu.edu
Tue Nov 14 04:52:52 CST 2006

Micah Brodsky wrote:
> I did a bounded depth first search of sorts from that link, and it helped a
> lot, but I'm still a bit unclear on how you actually implement a
> synergy-style rights amplification mechanism -- i.e. how you implement the
> magic black box that can pull out a more powerful capability. 

Some other interesting links can be found starting from:


(I got this by typing "sealer unsealer marcs ping" into the new ABACUS[*] 
search box on the <http://www.erights.org/> home page. If the above URL is 
mangled by email, that's probably easier than trying to repair it.)

Do you do
> things like have a method on the weaker capability that takes in a "synergy
> partner" capability, does some sort of equality or instance-of test on it,
> and then returns the more powerful facet of itself?

Yes, that's a good way. Two examples of that technique can be found about two 
thirds of the way into
The first of these examples has an interesting bug which the second corrects.

A more elaborate form of this technique can be found at
which I found by following the above search link.

[*] ABACUS = Authorization-based Access Control for Usable Security.

Text by me above is hereby placed in the public domain


More information about the cap-talk mailing list