From: David Wagner <daw@cs.berkeley.edu>
Date: Tue, 3 Dec 2002 16:02:16 -0800 (PST)
Subject: [e-lang] Commentary on Wallach's "Extensible Security Architectures for Java"

Ping writes:
>"Extensible Security Architectures for Java"
>    http://www.cs.berkeley.edu/~pingster/sec/wallach-java.html

Ping, 

I like your comments, but I'm not sure I fully agree with your
conclusions.   I'd like to see you succeed in putting together as
persuasive a case for E-like capability systems as possible.  Can I
offer some constructive comments?

I think of stack introspection as a mechanism designed to solve a legacy
code problem: the authors were encumbered with an existing codebase, 
and wanted the best solution possible.  In contrast, I think of E-like
capability systems as focusing on a different problem, one where we
are free to re-invent the programming language, the OS, everything to
satisfy a new model. alan_karp

For these reasons, I'm not convinced that the stack introspection paper
is grievously in error.   Maybe they're just solving a different problem
than you'd like them to solve.

Maybe any document that's trying to make the case for E-like capabilities
systems would do better to focus on the positive aspects of E.   As much
as one could write about why stack introspection isn't a full solution
to the latter problem scenario, I'm not sure we need an exhaustive list;
maybe it suffices to just point out that E is solving a different problem
than stack introspection is.

-- David
_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang