[e-lang] anyone ever look at refactoring code to use object-capabilities?
David Hopwood
david.hopwood at industrial-designers.co.uk
Sat May 26 11:47:40 EDT 2007
Mark Seaborn wrote:
> With Plash I have so far been focusing on how to set up grants of
> authority to existing apps (see, for example,
> http://plash.beasts.org/wiki/PackageSystem), rather than changing how
> existing apps distribute and use authority internally.
>
> However changing existing apps is an interesting question. One useful
> refactoring could be to pass in explicit "namespace" arguments to
> functions that take filenames, such as open(). This would specify the
> namespace that the filename should be looked up in. The namespace
> would be passed using capability discipline, even if individual files
> aren't.
Here is a concrete API suggestion: add an 'AT_SUBDIRECTORIES_ONLY' flag
for the *at family of functions.
http://plash.beasts.org/wiki/AtDirFunctions
When set, this flag prevents using ".." in the pathname argument to access
directories above the one passed as a file descriptor. (All combinations of
'AT_SUBDIRECTORIES_ONLY' and 'AT_SYMLINK_NOFOLLOW' are potentially useful.)
--
David Hopwood <david.hopwood at industrial-designers.co.uk>
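Added example, not part of the original message or of Plash: a user-space sketch of the lookup behaviour the suggested flag describes, for the combination where ".." is refused and symlinks are not followed. `AT_SUBDIRECTORIES_ONLY` is only a proposal in this thread, so the helper `openat_subdirs_only`, the function `make_sample_jail` and the sample tree are hypothetical names and constructed data; only standard POSIX calls are used.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not a libc call: emulates the proposed AT_SUBDIRECTORIES_ONLY
 * plus AT_SYMLINK_NOFOLLOW. Returns an fd beneath `dirfd`, or -1 with errno set. */
int openat_subdirs_only(int dirfd, const char *path, int flags, mode_t mode) {
    char buf[4096], *save = NULL;
    /* An absolute path would ignore dirfd entirely, so refuse it (and over-long input). */
    if (path[0] == '/' || snprintf(buf, sizeof buf, "%s", path) >= (int)sizeof buf) { errno = EPERM; return -1; }
    int cur = fcntl(dirfd, F_DUPFD_CLOEXEC, 0);
    if (cur < 0) return -1;
    for (char *comp = strtok_r(buf, "/", &save), *next; comp; comp = next) {
        next = strtok_r(NULL, "/", &save);
        if (strcmp(comp, ".") == 0) continue;
        if (strcmp(comp, "..") == 0) { close(cur); errno = EPERM; return -1; } /* never walk upward */
        int f = next ? (O_RDONLY | O_DIRECTORY) : flags;   /* intermediates must be directories */
        int fd = openat(cur, comp, f | O_NOFOLLOW | O_CLOEXEC, mode); /* no component may be a symlink */
        int err = errno;
        close(cur);
        if (fd < 0) { errno = err; return -1; }
        cur = fd;
    }
    return cur;
}

/* Constructed sample tree: <tmp>/secret.txt, <tmp>/jail/sub/file.txt, <tmp>/jail/up -> ".." */
int make_sample_jail(void) {
    char tmpl[] = "/tmp/atdemoXXXXXX";
    int top = mkdtemp(tmpl) ? open(tmpl, O_RDONLY | O_DIRECTORY) : -1;
    if (top < 0 || mkdirat(top, "jail", 0700) || mkdirat(top, "jail/sub", 0700)) return -1;
    if (symlinkat("..", top, "jail/up")) return -1;
    close(openat(top, "secret.txt", O_CREAT | O_WRONLY, 0600));
    close(openat(top, "jail/sub/file.txt", O_CREAT | O_WRONLY, 0600));
    return openat(top, "jail", O_RDONLY | O_DIRECTORY);
}

int main(void) {
    const char *p[] = { "sub/file.txt", "../secret.txt", "sub/../../secret.txt", "up/secret.txt" };
    int jail = make_sample_jail();
    for (int i = 0; jail >= 0 && i < 4; i++)   /* 1 = opened, 0 = refused */
        printf("%-22s helper=%d\n", p[i], openat_subdirs_only(jail, p[i], O_RDONLY, 0) >= 0);
    return jail < 0;
}
```

Plain `openat()` on the same directory descriptor opens both `../secret.txt` and `up/secret.txt`, which is the gap the suggested flag is meant to close.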