[cap-talk] What sustained interest in capabilities

David-Sarah Hopwood david.hopwood at industrial-designers.co.uk
Thu Jan 8 00:55:40 EST 2009


Mitsu Hadeishi wrote:
> On Jan 8, 2009, at 12:00 AM, David-Sarah Hopwood wrote:
> 
>> In what sense are any of the most successful computing platforms, such
>> as Windows, Unix, and C, themselves adapted to any particular  
>> context in which they are used?
> 
> Again, you're thinking in terms of solving the problem of traditional  
> operating systems.

No, not at all. I would have included a distributed object protocol,
such as CORBA, if any of those were actually successful. I should
definitely have included the world-wide-web (although that is arguably
less general than it needs to be).

> The problem space changes radically when you  
> consider the case of building service-oriented "operating systems", so  
> to speak.  The layer becomes, effectively, the operating system for  
> programs written to the interface of the capability secure layer.  The  
> fact that the layer happens to be implemented using legacy code is  
> simply an implementation detail.

It is an implementation detail if we decide that we're actually going to
reimplement it. If the legacy code ends up being the only implementation
indefinitely, then that's not a detail: it fundamentally affects how
confident we can be in the layer's security.

> It would be perfectly possible to  
> reimplement the layer on top of a capability secure OS in the future,
> [...]

Maybe, or maybe not. The difficulty of doing so will depend on the
initial design. For instance, if the layer incorporates any APIs that
depend too much on an existing non-capability OS (even if those APIs
are by themselves consistent with capability security), then any such
reimplementation is unlikely to happen.

-- 
David-Sarah Hopwood ⚥


