[cap-talk] Capabilities giving up control?
John McCabe-Dansted
gmatht at gmail.com
Sat Jan 19 00:00:07 EST 2008
On Jan 18, 2008 4:37 PM, Jed Donnelley <capability at webstart.com> wrote:
> However, to explore this point a bit further, what about the
> argument that this approach (an authority mechanism that
> shows that a single subject has an authority) works for
> people, why shouldn't it be effective in computer systems?
One important difference between people and computer systems is that human
proxies are never fully transparent. I am allowed to proxy the right to
drive legally to Bob, but not delegate. This is as it should be because Bob
is unlikely to give instructions like "Accidentally hit the accelerator
instead of the brake" and I would be unlikely to faithfully proxy such an
instruction.
IMHO, similar constraints on *human* access to sensitive computer systems
could be useful. E.g. you are not allowed to enter the computing lab unless
you have passed the security policy test.
--
John C. McCabe-Dansted
PhD Student
University of Western Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20080119/b673daeb/attachment.html
More information about the cap-talk
mailing list