[prev in list] [next in list] [prev in thread] [next in thread]
List: cap-talk
Subject: RE: [cap-talk] Iguana First Release - revocation, Iguana user manual?
From: "Karp, Alan H" <alan.karp () hp ! com>
Date: 2005-11-30 4:33:22
Message-ID: C49F2ECB5C14DE44898E96EB46147AF54C5B05 () cacexc12 ! americas ! cpqcorp ! net
[Download RAW message or body]
Jed wrote:
>
> By making it impossible to communicate a capability you make
> it impossible
> to request services that require the capability (not direct
> invocations, but
> use by some component service) - unless the intended sender
> proxies the
> capability. Doing so is awkward and inefficient. To not do
> so means that
> the capability can't be shared which creates an awkward bound on the
> amount of modularity systems can utilize as they may not be
> able to pass
> needed capabilities between POLA divided parts of a service.
>
Nothing says the clist must have more than one entry. Since the
capability to the clist can be passed around, you haven't lost any
functionality or granularity. You can think of the clist as the
mechanism you use to revoke the capability it contains.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
["Karp, Alan H.vcf" (text/x-vcard)]
_______________________________________________
cap-talk mailing list
cap-talk@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic