Linux, IRIX, and "POSIX Capabilities"
Mon, 8 Nov 1999 00:25:26 -0800 (PST)
On Sun, 7 Nov 1999, Eric Messick wrote:
> Everything in unix is a file. Wrapping a capability wrapper around
> files is doable. We did just that at EC.
> Files are referred to by programs either as file descriptors (which
> already behave a lot like capabilities) or by name. It's the name
> part that is tricky.
> Consider a system where every individual program was running in its
> own file system namespace.
Yes! These are the sort of interesting directions I was having
vague wonderings in. Notice that when Unix programs use pipes,
the stdin and stdout descriptors provided to them are read-only
and write-only capabilities that are set up by the shell. Your
idea of a filesystem namespace per process is a very intriguing
generalization from two to many!
Too bad there isn't a single file browser widget used by all
applications that we could simply replace in the core UI library,
but we might be able to get pretty far with just files nonetheless.
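
The pipe observation above can be checked directly. The following is an added example, not part of the original message: the parent plays the shell's role and hands a child only the read end of a pipe as its stdin. The function names are hypothetical, and it assumes a system such as Linux where pipes are unidirectional.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns the errno produced by using a pipe end in the wrong direction:
   which == 0 writes to the read end, which == 1 reads from the write end. */
int wrong_direction_errno(int which)
{
    int p[2];
    char c = 'x';
    if (pipe(p) != 0) return -1;
    ssize_t n = (which == 0) ? write(p[0], &c, 1) : read(p[1], &c, 1);
    int e = (n == -1) ? errno : 0;
    close(p[0]); close(p[1]);
    return e;
}

/* Gives a child only the read end as stdin and sends msg (under 64 bytes).
   Result: bit 0 = child read msg, bit 1 = child's write to stdin was refused. */
int child_with_readonly_stdin(const char *msg)
{
    int p[2];
    if (pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char buf[64];
        int result = 0;
        if (p[0] != STDIN_FILENO) { dup2(p[0], STDIN_FILENO); close(p[0]); }
        close(p[1]);               /* child keeps no write end at all */
        ssize_t n = read(STDIN_FILENO, buf, sizeof buf);
        if (n == (ssize_t)strlen(msg) && memcmp(buf, msg, (size_t)n) == 0) result |= 1;
        if (write(STDIN_FILENO, "x", 1) == -1 && errno == EBADF) result |= 2;
        _exit(result);
    }
    close(p[0]);                   /* parent keeps only the write end */
    ssize_t w = write(p[1], msg, strlen(msg));
    close(p[1]);
    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || w < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    printf("child result mask: %d\n", child_with_readonly_stdin("hello"));
    return 0;
}
```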