[cap-talk] A better reference for the "capabilities propagate too easily" argument
Mark Miller
erights at gmail.com
Wed Aug 1 10:47:49 EDT 2007
On 8/1/07, David Hopwood <david.hopwood at industrial-designers.co.uk> wrote:
> Jed Donnelley wrote:
> > [...] It's
> > almost as if by hiding under the language umbrella capability
> > work could still be done.
>
> My impression is more that language folks never paid much attention
> to the criticisms of capabilities in the OS context. After all, for
> capabilities to work at all at the language level, the language must
> rely on free copying of capabilities for parameter passing.
I agree with David, but beyond that, I think it's simply that the
computational paradigms that have come to dominate language work are
* lambda-calculus
* lambda-calculus with local side effects
* taking naming & scoping rules seriously, e.g., lexical scoping
* object oriented programming
* abstraction mechanisms
* design patterns
In other words, they had already arrived at capabilities in all ways
except for security.
By contrast, the von Neumann paradigm in another guise has come to
dominate OS work. That other guise is the global name space of the
file system. In addition, OS folks toss new sloppy namespaces around
with wild abandon, such as UNIX Environment variables.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM