From: "Karp, Alan" <alan_karp@hp.com>
Date: Tue, 3 Dec 2002 17:28:10 -0800
Subject: RE: [e-lang] Commentary on Wallach's "Extensible Security Archite ctures for Java"

David Wagner wrote:
> 
> I think of stack introspection as a mechanism designed to 
> solve a legacy
> code problem: the authors were encumbered with an existing codebase,
> and wanted the best solution possible. 
>

We worried about the legacy code problem when developing e-speak and concluded quite early in the game that capabilities were an excellent solution.  All we lacked was a way to see the resource request before the OS handled it, something Java has. 

_________________________
Alan Karp 
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1141
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp/
 

> -----Original Message-----
> From: David Wagner [mailto:daw@cs.berkeley.edu]
> Sent: Tuesday, December 03, 2002 4:02 PM
> To: e-lang@mail.eros-os.org
> Subject: [e-lang] Commentary on Wallach's "Extensible Security
> Architectures for Java"
> 
> 
> Ping writes:
> >"Extensible Security Architectures for Java"
> >    http://www.cs.berkeley.edu/~pingster/sec/wallach-java.html
> 
> Ping,
> 
> I like your comments, but I'm not sure I fully agree with your
> conclusions.  I'd like to see you succeed in putting together as
> persuasive a case for E-like capability systems as possible.  Can I
> offer some constructive comments?
> 
> I think of stack introspection as a mechanism designed to 
> solve a legacy
> code problem: the authors were encumbered with an existing codebase,
> and wanted the best solution possible.  In contrast, I think of E-like
> capability systems as focusing on a different problem, one where we
> are free to re-invent the programming language, the OS, everything to
> satisfy a new model.
> 
> For these reasons, I'm not convinced that the stack 
> introspection paper
> is grievously in error.  Maybe they're just solving a 
> different problem
> than you'd like them to solve.
> 
> Maybe any document that's trying to make the case for E-like 
> capabilities
> systems would do better to focus on the positive aspects of 
> E.  As much
> as one could write about why stack introspection isn't a full solution
> to the latter problem scenario, I'm not sure we need an 
> exhaustive list;
> maybe it suffices to just point out that E is solving a 
> different problem
> than stack introspection is.
> 
> -- David
> _______________________________________________
> e-lang mailing list
> e-lang@mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/e-lang
> 
_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang