[cap-talk] Capabilities and Freedom vs. Safety

[James A. Donald]

Jonathan S. Shapiro wrote:
 >   2. The system-wide installation utility should be
 >   able to install programs in such a way that (a) they
 >   are confined when run, but (b) the user cannot
 >   inspect their code or data.

This makes it likely that such programs will not
necessarily be written to act in the best interests of
the user - that they will, in some sense, be Trojans or
malware.