[cap-talk] Wikipedia: Object-capability model - parenthood?
Jed Donnelley
capability at webstart.com
Mon Jan 8 10:34:42 CST 2007
At 02:54 AM 1/8/2007, David Hopwood wrote:
>Jed Donnelley wrote:
>...
> > Why is the second means of obtaining a reference:
> >
> > 2. The creator of an object has access to the created object.
> >
> > needed? Isn't it just an instance of the third? Namely
> > the instance when the object is received in a message
> > responding to a creation request?
>
>Not necessarily; it depends whether object creation is primitive or
>not in the particular object-cap system.
Curious that you would quote a "pure object-capabil8ty" system
below and not in this case. In a pure object-capability system
and even in any weaker just capability system I believe object
creation must result from object invocation.
Can anybody describe an object-capability system (or even just
a capability system) in which creation of objects aren't a result
of object invocations (references)?
When Shap later says:
At 07:04 AM 1/8/2007, Jonathan S. Shapiro wrote:
>On Mon, 2007-01-08 at 10:54 +0000, David Hopwood wrote:
> > Jed Donnelley wrote:
> > > Why is the second means of obtaining a reference:
> > >
> > > 2. The creator of an object has access to the created object.
>
>I concur that this statement is mistaken. The creator of an object
>obtains a capability that is fabricated as a consequence of creation,
>and has access to exactly those operations permitted by that capability.
>
> > Not necessarily; it depends whether object creation is primitive or
> > not in the particular object-cap system.
>
>A system in which allocation is not primitive cannot be an
>object-capability system.
I agree and so still suggest removing case #2 regarding "parenthood":
> > I suggest removing case #2.
> > Doing so would make the definition more succinct ;-)
--Jed http://www.webstart.com/jed-signature.html
More information about the cap-talk
mailing list