[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Jonathan S. Shapiro
Mon, 13 Feb 2006 11:16:36 -0500
On Sun, 2006-02-12 at 16:33 -0300, Leonardo Pereira wrote:
> I have a simple doubt. It is possible that it was already debated, but
> I didn't found nothing about it.
> When you run a program, you can give a capabilitie to it and it will
> be able to use something or open some files. But what will happen if I
> use an interpreter? how the system will know what capabilities the
> interpreted program will have?
I think you are confused about what a capability is. In Coyotos or
L4.sec, a capability is not data. It is a structure protected by the OS.
The OS does *not* know what capabilities an interpreted program can use,
but it *does* know what capabilities the *interpreter* has, and it knows
that no action taken by the interpreted program can exceed the authority
available to the interpreter that interprets the program.
When you are trying to understand this type of question, it may be
useful to ask "what would happen in UNIX if..." and substitute "file
descriptor" for "capability". A capability is simply a descriptor. The
deficiency of UNIX is that it does not use descriptors more universally.
Jonathan S. Shapiro <=