[cap-talk] Capability-based Projects - theory vs. practice
Jed Donnelley
capability at webstart.com
Fri Aug 3 14:26:34 EDT 2007
At 07:17 AM 8/3/2007, Jonathan S. Shapiro wrote:
>On Thu, 2007-08-02 at 18:52 -0700, Jed Donnelley wrote:
> > You've definitely hit a critical point there. Whether in some sense
> > 'we' want to refer to such systems as "capability" systems (e.g.
> > because they can provide a POLA environment for running programs -
> > without access to the ACL interface), I certainly consider them as
> > dysfunctional regarding their use of capabilities...
>...
>
> > I admit that I've never seen any sort of a Mach interface other than
> > Unix, but when I consider that network server for Mach:
>
>To my knowlege, the only major subsystems that were ever built natively
>on Mach were the Camelot/Avalon transaction processing system, the
>original AFS file system, and the UNIX servers. Perhaps the network
>extension could be listed as a fourth case. Once the UNIX environment
>existed, people basically stopped programming to the Mach interface.
>
>There is something instructive in that.
Heh. Of course that was essentially the same experience we had
with NLTSS. Once we had the LTSS environment available nobody but
us chickens programmed to the native capability interface.
Some surprise! ;-|
--Jed http://www.webstart.com/jed-signature.html
More information about the cap-talk
mailing list