Capabilities

Discussions on more advanced topics such as monolithic vs micro-kernels, transactional memory models, and paging vs segmentation should go here. Use this forum to expand and improve the wiki!
kenna
Posts: 8
Joined: Fri Apr 13, 2007 1:26 pm

Capabilities

Post by kenna »

Could someone give me a simple explanation of how a secure capability could be generated? I've understood the concept of capabilities, and I find it a very attractive idea; however, I don't really know how to actually implement something like that.

I don't need code or any advanced stuff, just a basic rundown of how it actually works.
Crazed123
Member
Posts: 248
Joined: Thu Oct 21, 2004 11:00 pm

Post by Crazed123 »

You either store capabilities in kernel space and access them via system calls or cryptographically sign them so that the data can be moved around arbitrarily while maintaining its security.
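As an added illustration of the second option above (signed capabilities), and not code from this thread: a minimal HMAC-based capability token in Python, where only the "kernel" holds the signing secret, so user code can carry and pass the bytes around but cannot forge a token or upgrade its rights. The `(object id, rights)` layout, the rights bits and the helper names are assumptions for the example; it also goes one step beyond the post by showing attenuation (deriving a weaker capability from a stronger one).

```python
import hmac
import hashlib
import os
import struct

# Rights bits carried inside the capability (constructed for this example).
READ, WRITE, GRANT = 1, 2, 4

# Secret known only to the "kernel". Whoever holds it can mint capabilities,
# so it must never leave the trusted domain.
KERNEL_SECRET = os.urandom(32)

HDR = struct.Struct(">QI")          # 64-bit object id, 32-bit rights mask
TAG_LEN = hashlib.sha256().digest_size

def _tag(secret, header):
    return hmac.new(secret, header, hashlib.sha256).digest()

def mint(object_id, rights, secret=KERNEL_SECRET):
    """Create a token: plaintext (object, rights) followed by an HMAC tag.
    The bytes may be copied freely; only the secret holder can produce them."""
    header = HDR.pack(object_id, rights)
    return header + _tag(secret, header)

def verify(token, secret=KERNEL_SECRET):
    """Return (object_id, rights) if the token is genuine, else None."""
    if len(token) != HDR.size + TAG_LEN:
        return None
    header, tag = token[:HDR.size], token[HDR.size:]
    # Constant-time compare so the tag cannot be guessed byte by byte.
    if not hmac.compare_digest(tag, _tag(secret, header)):
        return None
    return HDR.unpack(header)

def attenuate(token, keep_rights, secret=KERNEL_SECRET):
    """Derive a weaker capability (a subset of rights) from a valid one.
    The kernel re-signs only after checking the parent held those rights."""
    parsed = verify(token, secret)
    if parsed is None or keep_rights & ~parsed[1]:
        return None
    return mint(parsed[0], keep_rights, secret)

def allows(token, object_id, want, secret=KERNEL_SECRET):
    """Access check: genuine token, naming this object, with every wanted right."""
    parsed = verify(token, secret)
    return parsed is not None and parsed[0] == object_id and (parsed[1] & want) == want
```

Because the rights live in the clear next to the tag, flipping a bit in them is detected on the next `verify`; the price of this scheme is that revocation needs a separate mechanism (for example rotating the secret or keeping a kernel-side revocation list).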
Avarok
Member
Posts: 102
Joined: Thu Aug 30, 2007 9:09 pm

Post by Avarok »

You could also prevent programs from having the capability to access files or disk except for specific files, which cannot include the capabilities files themselves. This automagically provides all the persistence/temporariness you could want and secures your capabilities data quite nicely without adding any additional semantic forms. Clean semantics is sexy.

Only problem is you need a file system that's very effective for small files. I recommend Reiser4.
There are two ways of constructing a software design: One way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies.
- C. A. R. Hoare