[cap-talk] More Heresey: ACLs not inherently bad
Charles Landau
clandau at macslab.com
Thu Sep 18 18:29:52 CDT 2008
Jonathan S. Shapiro wrote:
> Let me try a concrete example, and let's see whether we can work through
> that one.
Thank you, I think that will help us focus.
> The desired policy is: ...
>
> Now it is perfectly clear to me that this policy can be implemented with
> capabilities very easily.
>
> But in the absence of system-wide persistence, ...
> That is where this is going to get hung up.
If the absence of persistence is the problem, then the solution is obvious.
Because I have my own work to get done (which includes making a
persistent capability system), I'm going to have to reduce my
involvement in this discussion. But I agree it's an important issue to
explore.
More information about the cap-talk
mailing list