[cap-talk] Wikipedia: Object-capability model

David Hopwood david.nospam.hopwood at blueyonder.co.uk
Fri Jan 5 12:02:13 CST 2007


Ka-Ping Yee wrote:
> I think it's high time Wikipedia had an article entitled
> "Object-capability model".

I would prefer making that redirect to "Capability-based security",
and expanding the latter to give a definition of the object capability
model (in its own section). Otherwise there would be significant
duplication between the two articles.

If the "object capability model" section gets too large, it can always
be split out later.

Note that there are already over 60 links to "Capability-based security":

<http://en.wikipedia.org/wiki/Special:Whatlinkshere/Capability-based_security>

> Here's what i think should go in the
> main definition of the term:
> 
>     - Objects access or designate other objects through unforgeable
>       references (pointers).
> 
>     - Computation is performed by sending messages along these
>       references to other objects.
> 
>     - One comes to have a reference to an object via (a) creation,
>       (b) endowment, or (c) introduction.
> 
> Is that enough for a precise definition?

IMHO it is not quite sufficient. I gave my own working definition in
<http://www.eros-os.org/pipermail/cap-talk/2006-August/005570.html> and
<http://www.eros-os.org/pipermail/cap-talk/2006-August/005591.html>
(although it needs to be made a little less technical-sounding, without
losing precision).

> (The rest of the article, which i hope you will all help me write,
> can cite systems and papers and compare the specific meaning of
> "object-capability" to the usage of "capability" in security theory
> and the usage of "capability" in practice.)

Agreed. It should also explain composites and facets, assuming that we
can resolve the objections that some people have to the terminology
associated with that.

-- 
David Hopwood <david.nospam.hopwood at blueyonder.co.uk>



More information about the cap-talk mailing list