At 6:37 AM -0800 5/7/98, Jonathan S. Shapiro wrote:
>I find myself writing a depressing number of library routines that
>take the same three or four capability registers as arguments. In
>most cases, these registers hold things like the active domain key, a
>schedule key, or a space bank key.
In KeyKOS, we tended not to use libraries, but capability register conventions sprung up from the specification of the factory.
I would suggest the following regarding capability register conventions:
(1) Each routine separately document all the capabilities it needs.
(2) The location of each capability be standardized across all the routines in a particular library.
This way, you can preserve, at least at the documentation level, the principle of least privilege, while enjoying the advantages of standardized locations.
Bill Frantz | If hate must be my prison | Periwinkle -- Consulting (408)356-8506 | lock, then love must be | 16345 Englewood Ave. frantz@netcom.com | the key. - Phil Ochs | Los Gatos, CA 95032, USA