'capabilities' or a plea for consistent terminology

jont at us.ibm.com
Tue Apr 18 23:23:06 GMT 2000


A plea for consistent terminology ...

Unfortunately for everybody the posix.1e committee labelled
kernel-privileges 'capabilities'.

Anybody vaguely aware of access control models would realise that
they are a shallow facsimile of real capabilities.
[ See www.eros-os.org for an OS that really uses capabilities. ]

In more general discussions it might be less confusing to not call
posix.1e "capabilities" just capabilities but "kernel privileges" or
"posix.1e capabilities".

For a concrete demonstration, consider the following out of context
question:
   "Can this be done with capabilities ?"
and the following alternative form:
   "Can this be done with posix.1e-capabilities ?"

The answer to the former will almost always be
   "yes (but it's ugly)" (sorry Jonathan)
and the answer to the latter frequently
   "no" or "only if we want to restrict it to root"

Of course we will all learn eventually each other's default terminology
and resolve confusion that way, until we look back 6 months later ...

- JonT

---
Jon Tidswell
Advanced OS Technology Group / Sawmill Linux Project
IBM TJ Watson Research Center 30 Saw Mill River Road, Hawthorne, N.Y. 10532

Email: jont at us.ibm.com   Voice: +1 914 784 7550

