[cap-talk] More Heresey: ACLs not inherently bad
Jonathan S. Shapiro
shap at eros-os.com
Mon Sep 1 12:58:50 CDT 2008
Conceptually I like Unestos, but in practice its mechanisms scale
horribly badly.
On Sun, 2008-08-31 at 16:17 +0100, Toby Murray wrote:
> On Sun, 2008-08-31 at 07:37 -0700, Sandro Magi wrote:
> > Note that securable ACL systems and their relationships with capabilities has been discussed many times before on cap-talk, in particular as applies to systems with private namespaces. Eric Raymond started a discussion in 2002 which is similar to what Shap proposes below, regarding namespaces and Plan 9 [1]. The whole thread is interesting, as it hashes out many problems with UNIX semantics and private namespaces.
>
> I tend to view the Unestos design from [1] as an idealised marriage of
> UNIX and a capability-based OS that provides strong POLA support whilst
> being recognisable to all those familiar with UNIX.
>
>
> [1]
> http://www.usenix.org/event/hotos05/final_papers/full_papers/krohn/krohn.pdf
>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
More information about the cap-talk
mailing list