[cap-talk] More Heresey: ACLs not inherently bad
Jed Donnelley
capability at webstart.com
Tue Sep 9 01:37:25 CDT 2008
Charlie,
I'm just trying to understand what you describe:
At 10:38 PM 9/8/2008, Charles Landau wrote:
>...
>(3) Construct a directory-like object (whose behavior is described
>below) and pass a capability to it to the new process to use as its root
>directory/namespace. When the new process first attempts to fetch a
>subdirectory or leaf object from the directory-like object, the latter
>determines whether it wants the new process to have access to that
>object, and if so makes it available for that and subsequent requests.
When you say, "the latter <I assume the subdirectory or leaf object>
determines whether it wants the new process to have access..."
how do you imagine the latter to determine (distinguish) which process
it is that is making the request? I.e. whether it is the above
noted "new process" vs. some old process?
--Jed http://www.webstart.com/jed-signature.html
More information about the cap-talk
mailing list