[cap-talk] Capability begginer questions

Matheus Morais matheus.morais at gmail.com
Thu Oct 4 08:40:29 EDT 2007 

Thank you very much for the valuable information, I'm starting to understand
what _really_ is the capability theory. I will follow your suggestion and
start to read and write a bit more before think about the implementation
details. I also would like to thank all replies (Kevin Reid in special)
which are helping me to understand better the capabilities.

In this week I will review and improve the documentations which I already
write according with this thread suggestions.

Again, thanks for all useful replies!
Matheus Morais

On 10/3/07, Jed Donnelley <capability at webstart.com> wrote:
>
>
> To my thinking you are focusing too much on implementation
> details.
>
> I believe the base idea of a capability is a parameter
> token that can communicate permission to a designated
> something (an object) between two protected domains
> (vats, processes, etc.) so as to preserve their possible
> mutually suspicious interaction.
>
> The strongest forms of capability implementation include
> the permission to communicate to whatever services
> requests on the object with the communicated capability.
> Such forms support the confinement property.
>
> Beyond the above it seems to me you start to delve into
> implementation details - which we on this list of
> course love to debate endlessly.  You will find such
> a huge variety of successful implementations of the
> capability concept that I hope you don't try to define
> the concept by any particular implementation or even
> type of implementation - hardware, software, protected
> references, capabilities as data, etc.
>
> You can find efforts to describe capabilities that
> have been hashed to some extent on Wikipedia, e.g.:
>
>  http://en.wikipedia.org/wiki/Capability-based_security
>  http://en.wikipedia.org/wiki/Object-capability_model
>
> While I naturally have my own opinions that differ some
> (since I didn't write the above ;-), I particularly
> recommend the beginning of the second reference which
> I believe focuses on the essence of the capability concept.
>
> --Jed  http://www.webstart.com/jed-signature.html
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20071004/2197131b/attachment-0001.html

More information about the cap-talk mailing list