[cap-talk] search capability
John Carlson
john.carlson3 at sbcglobal.net
Thu Sep 25 23:36:43 CDT 2008
We know that searches generally work across stuff with ambient
authority, such as file systems and database tables. A view defines a
subset of the ambient authority, generally used with an ACL, to
prevent the user from seeing parts of the table. If the view
definition or search keywords are wrapped with a sealer/unsealer pair
such that the search service seals the capability and unseals it as
well, is this still viewed as a pure capability system, or is it
viewed as a bastard capability system? If search terms aren't
transmitted in the capability, must one create a folder or document
with the results, and share that instead? Does a system like CapDesk
(which if someone could send me the install script again, I will put
it on my macintosh) or allmydata support sharing of search results
like this?
Or is a search capability not even in the domain of capability
theory? I am thinking that search produces capabilities from
reachable nodes, that can then be shared in a folder of nodes. Should
a folder ever be defined by a search?
Thanks,
John Carlson
More information about the cap-talk
mailing list