[cap-talk] ACLs--who needs them?

John Carlson john.carlson3 at sbcglobal.net
Sat Feb 2 13:26:51 EST 2008


On Feb 2, 2008, at 8:48 AM, Jonathan S. Shapiro wrote:

> On Sat, 2008-02-02 at 08:44 -0800, John Carlson wrote:
>> The need for ACLs seems to be driven from the
>> folder/file/directory/filesystem idea.  If we think about folders and
>> files in the real world, they are normally protected by keys and
>> passwords (capabilities as data).
>
> ??? I have never observed a conventional file system protected by
> either keys or passwords. I have seen authentication schemes that use
> both, but all of the conventional file systems that I know about rely
> on the principal information resulting from authentication.
>
> Can you explain what you mean?

I mean physical files, in cabinets.  They have keys.  And the cabinets
are behind doors with locks or passwords on them.  Sometimes doors have
badges but they probably work like keys.  There is sometimes
authentication, like having to show your driver's license.  You might
need both your driver's license and a key to get into a safe deposit box.

So I think one needs a capability for the cabinet, but not all the
files and folders inside it.  Similarly, you might lock your car with a
capability, like an executable.

John

