[cap-talk] Manipulating an object with a secondary reference
Mark S. Miller
markm at cs.jhu.edu
Tue Nov 14 04:52:52 CST 2006
Micah Brodsky wrote:
> I did a bounded depth first search of sorts from that link, and it helped a
> lot, but I'm still a bit unclear on how you actually implement a
> synergy-style rights amplification mechanism -- i.e. how you implement the
> magic black box that can pull out a more powerful capability.
Some other interesting links can be found starting from:
(I got this by typing "sealer unsealer marcs ping" into the new ABACUS[*]
search box on the <http://www.erights.org/> home page. If the above URL is
mangled by email, that's probably easier than trying to repair it.)
Do you do
> things like have a method on the weaker capability that takes in a "synergy
> partner" capability, does some sort of equality or instance-of test on it,
> and then returns the more powerful facet of itself?
Yes, that's a good way. Two examples of that technique can be found about two
thirds of the way into
The first of these examples has an interesting bug which the second corrects.
A more elaborate form of this technique can be found at
which I found by following the above search link.
[*] ABACUS = Authorization-based Access Control for Usable Security.
Text by me above is hereby placed in the public domain
More information about the cap-talk