[cap-talk] Selling capabilities programming

James A. Donald jamesd at echeque.com
Thu Aug 2 19:40:48 EDT 2007


James A. Donald:
 >> Presumably Word would be allowed to access the
 >> Microsoft website without asking permission, just as
 >> it would be allowed read access to the files in its
 >> installation directory without permission, and write
 >> access to some of the files in the word application
 >> directory without permission, but would not be
 >> allowed to access some random website without
 >> permission.

Karp, Alan H wrote:
 > Now, if I could only figure out how to do that on XP,

We were, I think, discussing how operating systems
should be written, rather than how they are written.

To the extent that programs behave as they are supposed
to behave, Microsoft Windows is a pretty good system.

Therefore, we observe how well behaved programs do in
fact behave in that operating system, and figure out
generalizations that can be made mandatory, such that in
 such an operating system all programs *must* behave as well
behaved programs do in fact behave in present day
operating systems.

Present day well behaved programs in present day
operating systems restrict their file accesses to files
that the user expects them to: their own directories,
and the files that the user directs.  They act as if
they never acquire any durable capability to access any
file from the user or human system administrator.
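The policy sketched above (read-only access to the installation directory, read/write access to the program's own data directory, a fixed set of permitted hosts, and access to any other file only while the user has explicitly designated it) written out as a small, self-contained policy check. This is an added illustration, not code from the post or from any real operating system; the word processor `wp`, its directories, the hosts and the class and function names are all hypothetical. The user-directed grants are held only for the current session, which is the "no durable capability" property the post describes.

```python
"""Toy model of the file/network policy described in the post.

Hypothetical names throughout: the application 'wp', its directories,
the hosts, and the AppPolicy class are assumptions for illustration,
not an API of any real OS.
"""

import os
from dataclasses import dataclass, field
from typing import Dict, Set


def _norm(path: str) -> str:
    """Lexical normalisation so that '/opt/wp/../../etc/passwd' becomes
    '/etc/passwd' before any containment check is made."""
    return os.path.normpath(os.path.abspath(path))


def _inside(path: str, root: str) -> bool:
    """Is `path` equal to `root` or located below it (after normalisation)?"""
    path, root = _norm(path), _norm(root)
    return path == root or path.startswith(root + os.sep)


def _is_read_only(mode: str) -> bool:
    """True for open() modes that cannot modify the file ('r', 'rb', ...)."""
    return not any(c in mode for c in "wa+x")


@dataclass
class AppPolicy:
    install_dir: str             # read-only for the program
    data_dir: str                # read/write for the program
    allowed_hosts: Set[str]      # e.g. the vendor's update site
    # Files the user handed over (e.g. via a file dialog) this session.
    # Deliberately not persisted anywhere: the grant is transient.
    _user_files: Set[str] = field(default_factory=set)

    def grant_user_file(self, path: str) -> None:
        """The user directed the program at this file: allow it, this session."""
        self._user_files.add(_norm(path))

    def end_session(self) -> None:
        """Transient grants die with the session; nothing durable remains."""
        self._user_files.clear()

    def may_open(self, path: str, mode: str = "r") -> bool:
        """Decide whether the program may open `path` with open() mode `mode`."""
        if _norm(path) in self._user_files:
            return True                       # user-directed file: any mode
        if _inside(path, self.data_dir):
            return True                       # own data directory: read/write
        if _inside(path, self.install_dir):
            return _is_read_only(mode)        # install directory: read only
        return False                          # anything else: deny (or ask)

    def may_connect(self, host: str) -> bool:
        """Network access is limited to the fixed list of permitted hosts."""
        return host.lower() in self.allowed_hosts


def demo() -> Dict[str, bool]:
    """Exercise the policy for a hypothetical word processor 'wp'."""
    p = AppPolicy(install_dir="/opt/wp", data_dir="/home/alice/.wp",
                  allowed_hosts={"updates.wp.example"})
    r = {
        "read_install": p.may_open("/opt/wp/templates/letter.dotx", "r"),
        "write_install": p.may_open("/opt/wp/templates/letter.dotx", "w"),
        "write_data": p.may_open("/home/alice/.wp/recent.db", "w"),
        "traversal": p.may_open("/opt/wp/../../etc/passwd", "r"),
        "user_file_before_grant": p.may_open("/home/alice/thesis.doc", "w"),
        "vendor_host": p.may_connect("updates.wp.example"),
        "random_host": p.may_connect("evil.example"),
    }
    p.grant_user_file("/home/alice/thesis.doc")          # user picked the file
    r["user_file_after_grant"] = p.may_open("/home/alice/thesis.doc", "w")
    p.end_session()                                      # program restarts
    r["user_file_next_session"] = p.may_open("/home/alice/thesis.doc", "w")
    return r


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:26s} {'allow' if allowed else 'deny'}")
```

The containment check is purely lexical; a real enforcement point would sit below the filesystem namespace (or resolve symlinks first) so that a link inside `data_dir` cannot point the program at a file outside it. The point of the sketch is the shape of the policy: everything a well-behaved program does today is permitted without prompting, and the one thing it cannot do is keep a grant across sessions.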

