[cap-talk] More Heresey: ACLs not inherently bad

Jonathan S. Shapiro shap at eros-os.com
Mon Sep 1 12:58:50 CDT 2008


Conceptually I like Unestos, but in practice its mechanisms scale
horribly badly.

On Sun, 2008-08-31 at 16:17 +0100, Toby Murray wrote:
> On Sun, 2008-08-31 at 07:37 -0700, Sandro Magi wrote:
> > Note that securable ACL systems and their relationships with capabilities has been discussed many times before on cap-talk, in particular as applies to systems with private namespaces. Eric Raymond started a discussion in 2002 which is similar to what Shap proposes below, regarding namespaces and Plan 9 [1]. The whole thread is interesting, as it hashes out many problems with UNIX semantics and private namespaces.
> 
> I tend to view the Unestos design from [1] as an idealised marriage of
> UNIX and a capability-based OS that provides strong POLA support whilst
> being recognisable to all those familiar with UNIX.
> 
> 
> [1]
> http://www.usenix.org/event/hotos05/final_papers/full_papers/krohn/krohn.pdf
> 
> 
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk



More information about the cap-talk mailing list