[cap-talk] Concrete guidelines for user shell

Pierre THIERRY nowhere.man at levallois.eu.org
Fri Jun 29 15:20:31 EDT 2007


Jed Donnelley wrote on 29/06/2007 at 10:13:
> I'd be interested to know what people feel is needed in this area
> beyond what Wideword provides.

Well, to start, it's not free software, so I don't feel like depending
on it for my own work. I tried to contact the author about it, because I
wouldn't want to reinvent the wheel if it's not needed, but got no
answer.

But the real issue for me is that the system and UI are oversimplified.
There is no way to have a single page where I can access and manage my
authority, I can't create anything more complex than a one-page
caretaker and it seems only the owner of a document can delegate
authority (and cannot delegate authority to delete).

I think Wideword is a great demonstration of what is possible with
capabilities, but in its current state it's not a production-quality
system (though maybe there's not much to do to make it so).

> The situation that Pierre describes, "Alice has access to Secret
> Folder and Bob, but cannot grant access for the former to the latter"
> is a statement of the communicating conspirators problem.  It isn't
> possible in that situation for any "reference monitor" to block the
> sort of access communication that is described.

Well, in the general case you're right. But in a restricted ocap system
where you can't run arbitrary code, you may not be able to proxy
anything.

Restrictedly,
Pierre
-- 
nowhere.man at levallois.eu.org
OpenPGP 0xD9D50D8A
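
The two positions in this exchange, as a toy model added here (not code from either poster or from any system discussed): a monitor that blocks a direct grant still lets a forwarder through when the holder can run her own code, and blocks it when only system-defined objects may be passed. The classes Folder, Bob, Monitor, Forwarder and the allow_user_code switch are assumptions made for the illustration.

```python
class Denied(Exception):
    pass

class Folder:
    """System-defined object; stands in for the Secret Folder."""
    def __init__(self, text):
        self._text = text
    def read(self):
        return self._text

class Bob:
    """Recipient: can only use whatever reference he has been handed."""
    def __init__(self):
        self.held = None
    def receive(self, ref):
        self.held = ref
    def try_read(self):
        return self.held.read() if self.held is not None else None

class Monitor:
    """Hypothetical reference monitor mediating every grant Alice makes."""
    def __init__(self, protected, allow_user_code):
        self.protected = protected
        self.allow_user_code = allow_user_code
    def grant(self, recipient, ref):
        if ref is self.protected:
            raise Denied("direct grant of the protected object")
        # Restricted system (assumption): users cannot define behaviour,
        # so only system-defined object types may ever be passed along.
        if not self.allow_user_code and not isinstance(ref, Folder):
            raise Denied("user-defined objects are not permitted")
        recipient.receive(ref)

class Forwarder:
    """Alice's own code: relays read() to a folder she already holds."""
    def __init__(self, target):
        self._target = target
    def read(self):
        return self._target.read()

def scenario(allow_user_code):
    """Try a direct grant, then a proxied one; report what Bob can read."""
    secret = Folder("constructed secret")  # constructed sample content
    bob, results = Bob(), {}
    monitor = Monitor(secret, allow_user_code)
    for name, ref in (("direct", secret), ("proxy", Forwarder(secret))):
        try:
            monitor.grant(bob, ref)
            results[name] = bob.try_read()
        except Denied:
            results[name] = None
    return results
```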