It's interesting to see how our existing systems and solutions, and how popular they are, subtly influence the way we see the world. It's all about assumptions - if you don't question them, you're likely to be stuck in a local maximum, rather than wandering out to find a better maximum elsewhere.
I recommend reading the paper. It's written in a relatively colourful style, somewhat less dry and academic than some. Just thinking about the details of implementing a usable capability-based system has me thinking about how it influences other things, involving system maintainability etc. I've always thought that ACLs are a pain to manage and that Unix's 3*3 bits + sundry are better, if not for power, then for usability. I can see ways for capability-based systems to be even better, especially for things like elevating security privileges (like in Linux, MacOS X, Vista), and running less-trusted applications in the current user's account.
Food for thought.