[cap-talk] Capability begginer questions

Tue Oct 2 14:48:54 EDT 2007

Last year I was reading l4-hurd mail list and became curious to know more
about capabilites. Since then I start to read capabilite documentations
spread on the internet, more intensive in last three weeks, and I had
observed the lack of documentation on my native language (portuguese BTW).
For that reason and a couple of other ideas which come in my mind I started
to write my own documentation in portuguese about the capabilities[1]. My
two main goals with that are get more knowledge about the capabilitie theory
and create capabilite documentation in portuguese.

How I'm a very newbie on capabilites some doubts are running through my head
right now and I don't know any other place to ask these questions. Sorry if
I'm OT here. Anyways, here I go.

1 - A short question about the terminology. The correct translation for
capabilitie in portuguese is 'potencialidade' which means 'quality of the
potential'. Books like Operating Systems Design and Implementation for
example, treat capabilitie as 'capacidade' which stands for 'quality to
satisfaction some end; qualification'. First I started to use
'potencialidade' because is the correct translation for the word capabilite,
after read carefully a portuguese dictionary I decided to change that for
'capacidade' but I'm still lost about what is the best translation for the
word capabilitie. Should I keep with 'capacidade' on documentation or change
again to 'potencialidade'?

2 - According to Capability-Based Computer Systems book[2] written by Henry
M. Levy, the capabilitie could be showed as rows of an access matrix which
contrasts with ACL's in the column of the same access matrix. In a paper
called 'Capability Myths Demolished'[3] they say that assignment don't
explicit show the differences between ACL's and capability. My question is,
could I represent capability as rows (or columns depending on where user
field is positioned) of an access matrix?

3 - Suppose that I have a program P and I want to assign a capability to
read an file F. The read access capabilitie will be stored in P capability
list or F capability list?

4 - I was playing with C++ and design a _very_ primary capability structure
as follow:

/* caps.h */

#define RIGHTS_LIST_SIZE 2
#define CAP_LIST_SIZE 10

typedef char r_list[RIGHTS_LIST_SIZE];

typedef struct cap {
    long key;
    r_list rights;
};

typedef cap clist[CAP_LIST_SIZE];

/* EOF */

I am in the right direction? I was thinking to write a small Capability
_Fake_ File System to run on top of ext3 fs, just to learn more about
capabilites in the practical. Any suggestions?

[1] - http://matheus.morais.googlepages.com/entendendoaspotencialidades
[2] - http://www.cs.washington.edu/homes/levy/capabook/
[3] - http://zesty.ca/capmyths/usenix.pdf

Thanks and sorry for the inconvenience of begginer questions.
Matheus Morais
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20071002/1c9b1729/attachment.html 