From: Mark Miller <>
Replying To: Tyler Close <>
Date: Thu, 28 Nov 2002 12:55:21 -0800
Subject: Re: [e-lang] "Capability Myths Demolished" (was: Software security workshop)

At 10:09 AM 11/28/2002 Thursday, Tyler Close wrote:
>I think your paper could do a better job of taking apart Lampson's
>"Protection" paper. The concept of the "access matrix" is at the
>root of most of the misconceptions surrounding ACLs and
>capabilities.  To be completely effective, I think we must point
>out how misguided the core access matrix concept is.

Tyler, I think you have the start of an excellent paper here, different and 
complementary to mine.   For now, I have revised my paper to cite your note as

>[Close02] Tyler Close, "Re: Capability Myths Demolished", e-lang email 
>commenting on this paper, archived at 
> .

I encourage you to edit it into a standalone paper, at which point I will 
cite that instead.   (If for some reason you don't want to post it at 
waterken, I'd be happy to host it at erights.)

>There are a number of other really bad errors in the Lampson model
>and in the Lampson paper. I think if we beat on these, the
>misconceptions resulting from the Lampson paper will automatically
>dissipate. Or, at least I hope so. I cannot believe that this
>thing has lasted over 30 years.

It took me a long time to accept that the scientific community process can 
be this broken, but, when viewed at the granularity of decades,  indeed it 
is. OTOH, when viewed at the granularity of centuries, it's still quite 
impressive; at least by the standards of what any other species has 

I do believe our extended community is about to put this particular bogosity 
to rest for good (regarding science, not engineering).  Let's just be sure to 
kill it so it stays dead.  But even then, I don't believe that "the 
misconceptions resulting from the Lampson paper will automatically 
dissipate."  For a long time, I expect we'll have to track them down one by 
one and kill them too.

Text by me above is hereby placed in the public domain


