22 Nov 2000 dan   » (Master)

OK, so I've been doing a little web-surfing lately to find out about capabilities-based security (in general - not in Linux specifically) and it seems to distill down to this: a capability is a bundle of an object and some actions that can be performed (with|on) that object. If you don't have the capability to do y to x, you can't - in fact, you can't even describe the operation involved.

Which seems quite tidy, though in all honesty pretty obvious really. So I'm left thinking there must be more to it than this. Where do you get the capability from in the first place? Or is that Policy (a.k.a "we haven't really thought about that yet")

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!