On 6 September 2012 16:48, Martin Decky <[email protected]> wrote: >> Guess I really need to read up on those. >> Do you know of any introductory papers on the subject? > > > There are many papers about capabilities, but there are also many concepts > called capabilities that are related, but slightly different under the hood. > For example, in Mach the capabilities are used as a kernel-wide concept. In > other systems they are more file system related. > > You should perhaps start with [1], but you should also consult capabilities > in Amoeba, Coyotos and other systems. > > [1] http://www.eros-os.org/papers/sosp99-eros-preprint.ps > >
Thanks, I'll take a look at them. Also thanks Matt for the links. >> Thus my intention is to figure out whether a more coarse-grained >> permission system (based on conventional structure of the filesystem >> rather than individual file ownership) would be sufficient for most >> cases, and how to deal with the rest. > > > I understand your motivation. The question is how to combine the ease of use > during run-time with the fact that you need to store the permissions somehow > persistently while the system is off-line. > > That is a question. Since I intend the "permissions" to be reflected and enforced by the namespace structure, I think it is quite reasonable to let some kind of application/login server construct predefined namespaces based on a configuration file. On the physical filesystem level, the "permissions" would just be a set of plaintext scripts. >> It's striked-through because I figured it would be simpler if you >> could simply traverse the directory structure through file nodes >> alone, without any absolute paths. >> E.g. file_node *vfs_get_child(file_node *dir, char *relative_name); >> or something like that. >> >> Then no new addressing scheme is necessary, if the mount operation >> gives you a node reference. > > > Yes, as a programmatic way to traverse the file system this is perfectly > fine. But I still believe that there should be a way how a human user can > specify an unambiguous absolute path (including the namespace) of a file > from keyboard. Using URLs (or URIs, to be more precise) seems to me like a > reasonable way for addressing the resources in the system. > > I am not necessarily speaking about the end user (who can peacefully survive > without knowing of any file system, as is demonstrated by iOS and other > systems), but I am speaking about the power user and administrator. > Yes, of course. I haven't quite figured out the way end users should see the resources, yet. -- Jirka Z. _______________________________________________ HelenOS-devel mailing list [email protected] http://lists.modry.cz/cgi-bin/listinfo/helenos-devel
