[cap-talk] Value of 'copy on write' as attenuation mechanism.

[Rob Meijer]

While requesting feedback for my MinorFs project, one issue that came up
twice was the value of so called copy on write or COW mechanisms.

For those of you who have no clue as to what MinorFs is, MinorFs is a set
of simple user space filesystems (fuse) that provide:

* Nth claim persistent processes.
* Persistent private directory tries for Nth claim persistent processes.
* Non persistent private directory tries for processes.
* Decomposition.
* Composition           (not yet fully implemented)
* Delegatable STRONG paths.
* Revocable delegation  (not yet implemented)
* Partial delegation    (not yet implemented)

Currently the design of MinorFs only provides for a generic attenuation
pattern that allows for deep, shallow and composed 'controled' attenuation
of read and write. Combined with decomposition and composition, many
attenuations can be created, however facilities for COW are currently not.

Given that the main goal of MinorFs is to be a demonstration of practical
use of sparse tokens in powerful discretionary Ocap related access control
mechanisms, I am a bit troubled about the nature of COW. Is it an
essentially important form of attenuation, and if so, is it of value for
directory trees as such a core mechanism, or would providing COW for files
combined with composition, be more in sync with the value of this
mechanism.

I am not sure if COW would add to the educational value of MinorFs, or if
it would actually be damaging, distracting from the above core mechanisms?
I am very much interested to hear opinions on the value of COW as
attenuation pattern in general, and its educational value if I would
add it as an extra file system abstraction layer to MinorFs.

T.I.A.

Rob J Meijer