[cap-talk] Capability analogies
Karp, Alan H
alan.karp at hp.com
Thu Oct 4 19:22:57 EDT 2007
Jed wrote:
>
> I like your metaphors Alan (I've used the valet parking example
> myself, though not with the ACL twist), but I'm not confident
> such metaphors will help much in getting people to understand
> capabilities. In my experience (mostly with some 3k+ staff
> members at LLNL using the capabilities in the Elephant Storage
> system very successfully for some 25+ years) the capability concept
> itself as a simple reference to an object (in that case only
> directories and files) is simpler than any of the metaphors.
>
Different audience. I use these stories when talking to executives.
Talking about object references would be lost on them.
>
> If, however, this particular 'ownership' privilege of
> being able to update the ACL is granted with every
> permission to access the object, then ACLs can serve
> much more like capabilities.
HP Select Access allows this form of delegation, although its
administratively burdensome enough that it's not done for every granting
of a privilege.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list