[cap-talk] Capability begginer questions
Matheus Morais
matheus.morais at gmail.com
Wed Oct 3 10:15:59 EDT 2007
On 10/3/07, Kevin Reid <kpreid at mac.com> wrote:
>
> This is inconsistent. Randomly generated values are only useful if
> you're creating sparse capabilities (those which the client can
> access the bits of); but the presence of the r_list means that these
> must be protected capabilities (those which the client can't access
> the bits of, or at least can't cause a given bit-sequence to be used
> as a capability).
>
> Assuming that you intend protected capabilities (which have superior
> properties), there is no reason for the "key" to be random; it might
> as well be a pointer or index referring to the implementation of the
> capability (what is invoked/accessed when the capability is used).
Yes your assumption are correct, I'm wanted to create a protected
capabilitie environment. Well, now I'm a bit lost, the key is the identifier
to point for an object which has that capabilitie or for what _action_ that
capabilitie could provide to the object? I was thinking in that manner, the
key is used to identify what object that capabilitie is assigned to and the
r_list will provide what permissions are given by that capabilitie. For
example, when a program P call to write in a file F, the system will check
in P's capability list if the key pointed to F exists and then look what
actions(r_list) will be available to P over F.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20071003/f58a4f4d/attachment-0001.html
More information about the cap-talk
mailing list