[cap-talk] Definition of "authority"? Got it right?
Kevin Reid
kpreid at mac.com
Tue Jan 22 12:34:01 EST 2008
On Jan 22, 2008, at 10:44, Mark Miller wrote:
> On Jan 21, 2008 10:21 PM, Jed Donnelley <capability at webstart.com>
> wrote:
>> What bothers me about this definition set is that, at least for
>> object capability systems, it seems to somewhat trivialize the
>> notion of a "permission". Permissions are always the same. They
>> only provide communication.
>
> In all ocap systems of which I'm aware, both language and OS, the
> kernel does provide some object types primitively -- such as an
> indexable read/write data container of some sort. E provides
> FlexLists. The KeyKOS line provides segments and nodes.
This doesn't seem to fit to me.
In E, a FlexList (whether or not it is implemented primitively [1]),
or any other possibly primitive object, is *used* via the same
operation, the call ("communicate"), as every other object; at the
level at which these would be considered different permissions, it
would be equally reasonable to consider various types of user-defined
objects different permissions.
[1] E-on-CL's FlexLists are E objects; however, they use a similarly
primitive mutable array type internally.
--
Kevin Reid <http://homepage.mac.com/kpreid/>
More information about the cap-talk
mailing list