[cap-talk] Google's Native Client (NaCl)
toby.murray at comlab.ox.ac.uk
Tue Oct 6 03:50:18 EDT 2009
2009/10/5 Sam Mason <sam at samason.me.uk>
> On Mon, Oct 05, 2009 at 09:02:26PM +0000, Karp, Alan H wrote:
> > Sam Mason wrote:
> > > I don't think compatibility was ever going to be much of a focus with
> > > it; I think it's more about bringing ocap security to the world of
> > > web-browser plugins.
> > Minor point. I don't recall seeing anything to indicate that NaCl
> > uses capabilities.
> It's structure seemed a very capability-like design to me. It starts
> confined and communication to and from a nativeclient seems through a
> "NaCl socket", it's the calling code's choice which other NaCl modules
> it sees, and so on. The original paper says:
> NaCl resource descriptors are analogous to capabilities in systems
> such as EROS.
> or am I getting blinded by the detail?
> No I think you're spot on. Mark Seaborn (of Plash) has done a bit of
thinking about NaCl and capability-like confinement and has even gotten the
python interpreter running under a modified nacl, see e.g.
I don't know if any of this has been picked up upstream.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cap-talk