[cap-talk] Wall banging (was: Bellizzomi, Capabilities, Shapiro's focus, Coyotos, etc.)

Mark S. Miller markm at cs.jhu.edu
Wed Nov 29 20:30:34 CST 2006


Jed at Webstart wrote:
> I had imagined that the concern about wall listening was mainly
> for cases where the program was a black box (e.g. proprietary code).
> Once you get to the point of auditing source code it seems to me that
> the costs are so high and the means of control so good that worrying
> about non deterministic inputs is likely a small part of the problem.

In E, no auditing of source code is necessary to enforce determinism, and so 
it can be enforced on black boxes. The safe scope, containing the caps 
universally provided by convention, contain no caps that would enable a 
program to escape determinism. Unless a program is provided a cap that enables 
non-determinism, it cannot be non-deterministic.

-- 
Text by me above is hereby placed in the public domain

     Cheers,
     --MarkM


More information about the cap-talk mailing list