Subject: Re: [e-lang] "Capability Myths Demolished" (was: Software security workshop)

From: Ben Laurie <ben@algroup.co.uk> · Date: Thu, 05 Dec 2002 18:05:52 +0000

Jonathan S. Shapiro wrote:
> A C-list isn't a capability. It is a collection of capabilities. One of
> the key differences in various capability system designs is whether
> C-lists are sets or maps. In the "C-list as set" approach, possession of
> a capability is required (demonstrated by membership in the C-list), but
> operations do not explicitly designate the particular capability they
> are using. In some cases they may designate the C-list. This lends
> itself to a variety of bugs in code and some interesting ambiguities if
> multiple candidate authorities are present in the same C-list:
> 
>   1. Which one should be used, or do we understand this
>      to mean the authority that is the union of the presently
>      held capabilities?

Surely this isn't a possible scenario for the kinds of capabilities EROS 
or E have? markm shap 

Cheers, 

Ben. 

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang