[cap-talk] Understanding capabilities in a web-desktop setting

tsr tsr at tsr.se
Wed Aug 6 03:59:25 CDT 2008


Ivan Krstić wrote:
> On Aug 5, 2008, at 4:54 AM, tsr wrote:
>> Now to what I think is my question how do I implement this in a
>> capabilities kind of way?
>
> Let me turn this question back towards you: what problem do you have 
> with a traditional ACL-based authorization model that you think (or 
> hope, or wish) capabilities will solve for you in your system?
One thing that I've always found confusing in Linux is that there are a lot 
of files that I don't have access to and that everyone can see what 
files I have. Also setting up a several-user (multi sounds so in at 
least the 100s) environment on my desktop computer I haven't found a 
good way of sharing files among accounts without having to either make 
copies (takes up space), create symlinks (I can't move the originals) or 
create an ever increasing mess of groups (well, it gets messy).
> You appear to be saying "I've heard about capabilities, they sound 
> interesting, I want to use them for my system. Now, what are they and 
> how do I implement them?" Needless to say, this is a horrifically 
> backwards way to approach any kind of engineering, software or 
> otherwise, akin to saying "I've heard about Rolls Royce jumbo-jet 
> engines, they sound interesting, I want to use them for my bicycle. 
> Now, what are these jumbo-jet engines and how do I wire them to my 
> bicycle?"
I don't agree, maybe I worded my questions/search for information in an 
inappropriate way but I don't see how "Wow, this seems cool I'll find out 
more about this before I decide on everything", maybe I have a naïve 
approach but still I find it more valuable to think "What information is 
out there that I can use together with the information I already have" 
than "I know this, how can I make what I want with it".
>
> An enumeration of the problems you're trying to solve and the security 
> properties you wish your system to have should be your first step. The 
> next should be finding the simplest solution which delivers those 
> properties. Capabilities may be that solution, though they most often 
> aren't due to cumulative complexities of production systems.
Well, I admit it: I have thought more about it than what I posted here 
;) But ok, I'll write a quick list of things I'm hoping to be able to do 
with my system:
* Security
- absolutely no way of information leakage
- simple way of sharing the exact information you want to share with 
specific entities (other users/groups)
- flexible grouping for everyone (per the siteadmins' discretion)
- flexible administration of who gets to do what
- encrypted storage
* Functionality
- email-client
- rss-reader (with a system-wide read-once show to all subscribers)
- wiki (personal, smallgroup, largegroup, everyone, anonymous 
editing/adding/deletion/reading of content)
- task-lists (to accommodate both simple ToDo-lists and more complex 
systems as GTD)
- calendar (I still haven't found a flexible enough system to cater 
for my needs)
- etc, etc

>
> -- 
> Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
>



