Capabilities
Posted: Mon Aug 13, 2007 5:50 pm
by kenna
Could someone give me a simple explanation of how a secure capability could be generated? I've understood the concept of capabilities, and I find it a very attractive idea; however, I don't really know how to actually implement something like that.
I don't need code or any advanced stuff, just a basic rundown of how it actually works.
Posted: Mon Aug 13, 2007 8:14 pm
by Crazed123
You either store capabilities in kernel space and access them via system calls or cryptographically sign them so that the data can be moved around arbitrarily while maintaining its security.
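The second option above (cryptographically signed capabilities), as an added example that is not part of the original post: a Python sketch in which the kernel holds a secret key and MACs an (object id, rights) pair with HMAC-SHA256. The token layout, the rights bits and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

# Assumption: this key lives only in kernel space and is never handed out.
KERNEL_KEY = os.urandom(32)

READ, WRITE = 0x1, 0x2            # hypothetical rights bits
_BODY = struct.Struct(">QI")      # object id (u64) + rights mask (u32)
_TAG_LEN = hashlib.sha256().digest_size


def mint(object_id: int, rights: int) -> bytes:
    """Kernel side: issue a token that names (object, rights) and carries a MAC."""
    body = _BODY.pack(object_id, rights)
    tag = hmac.new(KERNEL_KEY, body, hashlib.sha256).digest()
    return body + tag


def check(token: bytes, object_id: int, wanted: int) -> bool:
    """Kernel side: accept only if the MAC verifies and the rights cover the request."""
    if len(token) != _BODY.size + _TAG_LEN:
        return False
    body, tag = token[:_BODY.size], token[_BODY.size:]
    expected = hmac.new(KERNEL_KEY, body, hashlib.sha256).digest()
    # Constant-time comparison, so timing does not leak how much of a guess matched.
    if not hmac.compare_digest(tag, expected):
        return False
    oid, rights = _BODY.unpack(body)
    return oid == object_id and (rights & wanted) == wanted


def demo():
    """Constructed scenario: a read-only capability for object 42."""
    cap = mint(42, READ)
    # A process rewrites the rights field to READ|WRITE but cannot recompute the MAC.
    forged = _BODY.pack(42, READ | WRITE) + cap[_BODY.size:]
    return check(cap, 42, READ), check(cap, 42, WRITE), check(forged, 42, WRITE)


if __name__ == "__main__":
    print(demo())
```

A token like this is a bearer value: any process that obtains a copy can use it, and revoking it needs extra state, for example a per-object version number included in the MAC'd body.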
Posted: Fri Aug 31, 2007 5:50 am
by Avarok
You could also prevent programs from having the capability to access files or disk except for specific files which cannot include the capabilities files themselves. This automagically provides all the persistence/temporariness you could want and secures your capabilities data quite nicely without adding any additional semantic forms. Clean semantics is sexy.
Only problem is you need a file system that's very effective for small files. I recommend Reiser4.