Guess I really need to read up on those. Do you know of any introductory papers on the subject?
There are many papers about capabilities, but there are also many concepts called capabilities that are related, but slightly different under the hood. For example, in Mach the capabilities are used as a kernel-wide concept. In other systems they are more file system related.
You should perhaps start with [1], but you should also consult capabilities in Amoeba, Coyotos and other systems.
[1] http://www.eros-os.org/papers/sosp99-eros-preprint.ps
Thus my intention is to figure out whether a more coarse-grained permission system (based on conventional structure of the filesystem rather than individual file ownership) would be sufficient for most cases, and how to deal with the rest.
I understand your motivation. The question is how to combine the ease of use during run-time with the fact that you need to store the permissions somehow persistently while the system is off-line.
It's striked-through because I figured it would be simpler if you could simply traverse the directory structure through file nodes alone, without any absolute paths. E.g. file_node *vfs_get_child(file_node *dir, char *relative_name); or something like that. Then no new addressing scheme is necessary, if the mount operation gives you a node reference.
Yes, as a programmatic way to traverse the file system this is perfectly fine. But I still believe that there should be a way how a human user can specify an unambiguous absolute path (including the namespace) of a file from keyboard. Using URLs (or URIs, to be more precise) seems to me like a reasonable way for addressing the resources in the system.
I am not necessarily speaking about the end user (who can peacefully survive without knowing of any file system, as is demonstrated by iOS and other systems), but I am speaking about the power user and administrator.
M.D. _______________________________________________ HelenOS-devel mailing list [email protected] http://lists.modry.cz/cgi-bin/listinfo/helenos-devel
