[cap-talk] Forgeable capabilities
Jonathan S. Shapiro
shap at eros-os.com
Sat Jul 7 14:43:23 EDT 2007
Pierre:
I am not able to puzzle out your example, so I can't answer your
question.
PLEASE do not call this "forgeable capabilities". We have a lot of
documents out there that explain carefully why capabilities are not
forgeable. I understand (I think) why you see forgery here, but it is
not the capabilities that are being forged.
shap
On Sat, 2007-07-07 at 18:06 +0200, Pierre THIERRY wrote:
> I was wondering how forgeable capabilities are modeled in
> object-capabilities frameworks. For example, if I have an object S that
> has a grantAuthority(credential) method, where credential is a couple
> (login, password), this couple constitutes a forgeable capability. If a
> call to granAuthority with the adequate credential returns a capability
> to an object T, is it possible to model authority to S in another way
> than considering that authority to call S->grantAuthority is equivalent
> to authority to call T? That is, to model authority to S less
> conservatively.
>
> Curiously,
> Pierre
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
--
Jonathan S. Shapiro, Ph.D.
Managing Director
The EROS Group, LLC
More information about the cap-talk
mailing list