[cap-talk] Wall banging (was: Bellizzomi, Capabilities, Shapiro's focus, Coyotos, etc.)
Mark S. Miller
markm at cs.jhu.edu
Wed Nov 29 20:30:34 CST 2006
Jed at Webstart wrote:
> I had imagined that the concern about wall listening was mainly
> for cases where the program was a black box (e.g. proprietary code).
> Once you get to the point of auditing source code it seems to me that
> the costs are so high and the means of control so good that worrying
> about non deterministic inputs is likely a small part of the problem.
In E, no auditing of source code is necessary to enforce determinism, and so
it can be enforced on black boxes. The safe scope, containing the caps
universally provided by convention, contain no caps that would enable a
program to escape determinism. Unless a program is provided a cap that enables
non-determinism, it cannot be non-deterministic.
Text by me above is hereby placed in the public domain
More information about the cap-talk