[cap-talk] More Heresey: ACLs not inherently bad
Toby Murray
toby.murray at comlab.ox.ac.uk
Thu Sep 11 11:37:31 CDT 2008
On Thu, 2008-09-11 at 16:16 +0000, Karp, Alan H wrote:
> I contend the installation endowment is the only time you need to
> grant O(20+) rights. Per execution is always(?) O(1).
I agree. I contend that any program that requires O(20+) -sized
namespaces to be constructed each time it executes will be sufficiently
complex to prevent it from being written in the first place. I can't
imagine a sane calling convention of this size.
More information about the cap-talk
mailing list