[cap-talk] More Heresey: ACLs not inherently bad
Karp, Alan H
alan.karp at hp.com
Thu Oct 2 12:21:46 CDT 2008
Marcus Brinkmann wrote:
>
> This can be an advantage of capability systems if there is a
> considerable interest in micro-managing the authority. My prediction
> is that in many cases this is not interesting, and people will
> continue to bag a large amount of authority in a single package and
> delegate it as a whole. This becomes a disadvantage of capability
> systems if it is hard to do the mass-delegation. Will it be hard? I
> don't know. You can wave your hands and say that this could be added
> on top of a capability system, but most people will be looking for
> ready solutions, not for opportunities to build them, so these issues
> have to be addressed in advance.
>
When managers give their login credentials to their assistants, they are giving them permission to view the manager's payroll statement, change beneficiaries on the manager's insurance policy, change the manager's withholding amounts, etc. That's a lot of power to give people who may resent how little they are paid for how hard they work. Would you want to give two weeks' notice to someone with that much power over you? My guess is managers would be a lot happier just delegating their manager rights.
>
> I don't quite understand this example. Chance is that most users of
> Ubuntu don't even know what a "root" is. They enter the administrator
> password in the dialog whenever they are asked (and because they are
> asked), and that's about it. The real progress has been in writing
> all these little user interfaces and automatization. That there is a
> dichotomy between a root and a user account in such systems is a
> choice that the developers made for the user.
>
And that's the secret for making a usable capability system. The user interface has to make it easy. CapDesk is one example. We have developed others.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list