[cap-talk] Don't understand capabilities
Karp, Alan H
alan.karp at hp.com
Sat Oct 28 17:12:57 CDT 2006
Marcus Brinkmann wrote:
> I think that ACLs and ambient authority works closer to the real world
> than capabilities do.
I disagree. Consider valet parking. There's no ACL. My car key is the
capability to drive my car. The valet can hand my key to another valet.
My ATM card and knowledge of my PIN is a capability to withdraw money
from my bank account. I often send my son to make a withdrawal. The
badge I wear at work is an capability that I use to open certain doors.
Even though it has my picture on it, I can lend it to someone else, and
it works just fine.
Ambient authorities are also rare in the real world. Even a successful
identity thief can't drive my car or enter my house. The withdrawal
slip I sign at the bank doesn't get me into my safe deposit box. The
badge I use to open doors at work doesn't get me into my computer.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list