[cap-talk] Concrete comparable use cases
Pierre THIERRY
nowhere.man at levallois.eu.org
Tue Mar 18 21:31:51 EDT 2008
As I read in the last days my backlog of 900 or so cap-talk mails,
something disturbed me in discussions on the differences between
capabilities and ACL: sometimes it seems apples and oranges are
compared.
That is, sometimes we raise issues that capability-based systems create,
and wonder if they are present in ACL systems, but to me it seems that
the issues only exist because the use cases we discuss for cap systems
are use cases where we do much more than with ACL systems.
For example, to the best of my knowledge, no mainstream ACL system has
to deal with chains of delegation. In the best case, a user can grant
permissions on a resource he owns. And that's it. Also, in practice, and
even if it would be possible otherwise, any service used by more than
one user is set up by a system administrator and runs in a priviledged
mode.
It somewhat reminds me of the performance comparisons between manual and
automatic memory management. Of course you pay a 5-10% reduction in
speed in average for the presence of garbage collection, and it's very
interesting to evaluate that cost. But on the other hand, some projects
have been shown to spend 60% of their time to handle memory managements
and the associated errors...
Has there been any published comparisons of the merits of ACL and cap
systems in the context of identical use cases, or assessments of the
costs and gains of use cases of cap systems that are impossible in ACL
systems?
I have that idea of a paper where an ocap web system would be
implemented along with a similar ACL one (in terms of features and
security). Then you show how to add extensions to the system. And then
you show what code is needed to make changes in the security policy.
Curiously,
Pierre
--
nowhere.man at levallois.eu.org
OpenPGP 0xD9D50D8A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://www.eros-os.org/pipermail/cap-talk/attachments/20080319/b4c8b6f8/attachment.bin
More information about the cap-talk
mailing list