> The usual case it is useful is when the executable contains some kind
> of secret -- a database password, for instance...
Or just proprietary code. You don't need to distinguish execute permission for tihs purpose in EROS/KeyKOS. The Constructor already provides the guarantee that the code is not visible to the client unless the app exposes it.
The real problem is that you assume the filing system contains only passive objects.
Jonathan S. Shapiro
IBM T.J. Watson Research Center
Phone: +1 914 784 7085 (Tieline: 863)
Fax: +1 914 784 7595