I'm glad to see that Dean has made the conceptual leap to understanding capability based security. It's a tricky subject to explain, and I was starting to worry he'd get discouraged... but he's made it... we've got another convert. 8)
Now, the thing to do is to take him at his word, see exactly what helped him to see the value, and make it easier to get there from a world steeped in the Dogma of ACL uber Alles.
The key distinction he makes is that a capability is more than a token. He then presents cases of issuing new capabilities based on old ones, always with less authority than the original. This is a very powerful lever... once you grok it, you'll never forget it.
I've got to spend some of my very limited free time getting some actual capability samples up on the net, however that may happen. I've got some knowledge of Delphi, Python, and ASP... one of those should suffice to get something that can issue capabilities and let anyone store a few bits on a server somewhere.
I don't think it's really important to get huge examples working, just enough to squeak by and help others by making the cognitive leap smaller.
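To make that cognitive leap smaller, here is an added example (my own sketch, not Dean's code) of the "store a few bits" idea in Python: a root capability over a tiny key/value store, and attenuated capabilities derived from it that each carry strictly less authority. The class names and the prefix-scoping rule are assumptions for illustration.

```python
# Added example: object-capability attenuation over a tiny bit store.
# A capability here is just a reference to an object; an attenuated
# capability is a new object that forwards a subset of operations and
# holds no path back to the more powerful object it was derived from.
# Python cannot stop a determined caller from poking at underscored
# attributes, so this shows the discipline, not an enforced boundary.


class BitStore:
    """Root capability: unrestricted read/write over every slot (constructed sample)."""

    def __init__(self):
        self._slots = {}

    def put(self, key, value):
        self._slots[key] = value

    def get(self, key):
        return self._slots.get(key)


class ReadOnly:
    """Attenuated capability: forwards get() only, so writes are impossible."""

    def __init__(self, parent):
        # Keep only the bound method we forward; parent.put is never captured.
        self._get = parent.get

    def get(self, key):
        return self._get(key)


class PrefixScoped:
    """Attenuated capability: read/write confined to keys under one prefix."""

    def __init__(self, parent, prefix):
        self._prefix = prefix
        self._put, self._get = parent.put, parent.get

    def _check(self, key):
        if not key.startswith(self._prefix):
            raise PermissionError(f"this capability does not cover {key!r}")
        return key

    def put(self, key, value):
        self._put(self._check(key), value)

    def get(self, key):
        return self._get(self._check(key))

    def read_only(self):
        # Further attenuation: a read-only view of this already-scoped slice.
        return ReadOnly(self)
```

Handing `PrefixScoped(root, "alice/")` to Alice lets her store bits under her own prefix, and `.read_only()` on that gives her something she can pass on to a viewer that can neither write nor escape the prefix.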
Thanks Dean!
You've helped renew my faith that blogging is an effective way to make things better.
1 comment:
It certainly took me a bit to grok, but yes, it's definitely conceptually powerful. I'm still grappling with implementation details, but hopefully this coming weekend I'll be able to carve out some time to stub out a basic implementation -- w/ at least a web interface but perhaps a FUSE interface as well.