[cap-talk] Reducing the authority of a file browser in a capability OS.
Karp, Alan H
alan.karp at hp.com
Tue Dec 22 15:37:38 PST 2009
Rob Meijer wrote:
>
> I know I have tried to make this point a few times before, but one reason
> why the word-processor could already have a more powerful capability may
> be that the word-processor created the file.
The word processor should have full power over files it creates. These include temp files for recovery, configuration files, even new documents. However, when the user does a SaveAs, the user should take control over the file. If the process is pseudo-persistent, it can retain the r/w capability to the file. However, if the word processor is simply restarted, then the user should decide which of the user's files it can access. The word processor retains full power over the files it previously created.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list