[cap-talk] Selling capabilities programming
James A. Donald
jamesd at echeque.com
Fri Jul 20 03:18:31 EDT 2007
>> Like most things, protected capabilities are useful
>> for some purposes, and inconvenient for others,
>> [....] If you want to control their propagation, and
>> your aunt Vera is system administrator of her home
>> network, then aunt Vera has to control their
>> propagation, which may well be a problem,
>> particularly when little Johnny is on aunt Vera's
>> network.
David Wagner wrote:
> I think this may not necessarily be the case. One of
> the intended uses of capabilities (in some systems) is
> that they enable construction of more secure
> applications. In that case, propagation may be
> controlled by the structure of the application logic,
> not by Aunt Vera.
I would like to see a use case for control of
propagation that involves aunt Vera. How does one
structure application logic using control of
propagation, such that it is useful on a home network
involving Aunt Vera and little Johnny?
I can easily see how control of propagation is very
useful on a single machine with a single CPU, but as
soon as applications span a network, with multiple
computers and multiple users, seems to become
impractically complicated.
Perhaps others can see a simple use case, but I do not.
More information about the cap-talk
mailing list