Capability Security in Java

Bill Frantz frantz at netcom.com
Thu Apr 25 17:56:34 PDT 1996


At  4:38 PM 4/25/96 -0700, Simon Spero wrote:
>One thing that could be retroactively added to the vm pretty easily would 
>be the ability to add capability requirements to methods, and have the 
>class loader automatically generate code to check for those requirements 
>before executing the body of the method

Now there is a statement that makes me sit up and take notice.  I certainly
haven't thought this subject through carefully, but to start, I think I would
like capabilities to be held by a specific object, so if I give a Java
object permission to read a file, that permission is not automatically
inherited by other objects, or instances of the same object which use the
common method.

There would also have to be a technique where capabilities could be passed
from object to object to allow subcontracting.

Having the capabilities held by objects means that access to the objects needs
to be controlled as well.  I notice some items on Hal's list of Java
security problems which indicate weaknesses in this area, but it is not
clear if they are bugs (which will be fixed) or "features".

Regards - Bill


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz at netcom.com | dead teenagers | Los Gatos, CA 95032, USA
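
Added example, not part of the original message and not code from either poster: a Java sketch of the properties discussed above, with the capability held by one object instance rather than by its class, and handed on to a subcontractor through a revocable forwarder. All names (ReadCap, Revocable, Worker) are hypothetical, and the "file" is a constructed string.

```java
public class CapabilityDemo {
    /** A capability: an object reference that grants exactly one right. */
    interface ReadCap { String read(); }

    /** Forwarder used for delegation, so the grantor can withdraw the grant. */
    static final class Revocable implements ReadCap {
        private ReadCap target;
        Revocable(ReadCap target) { this.target = target; }
        public String read() {
            if (target == null) throw new SecurityException("capability revoked");
            return target.read();
        }
        void revoke() { target = null; }
    }

    /** Authority lives in a private per-instance field; nothing is static. */
    static final class Worker {
        private final ReadCap cap;   // null means this instance holds no grant
        Worker(ReadCap cap) { this.cap = cap; }
        String summarize() {
            if (cap == null) throw new SecurityException("no read capability held");
            return "len=" + cap.read().length();
        }
        /** Subcontracting: lend a revocable forwarder, never the raw capability. */
        Revocable delegate() { return new Revocable(cap); }
    }

    public static void main(String[] args) {
        ReadCap fileCap = () -> "constructed file contents";  // stands in for one file
        Worker trusted = new Worker(fileCap);
        Worker sibling = new Worker(null);  // same class, same method, no grant
        System.out.println("trusted: " + trusted.summarize());
        try { sibling.summarize(); }
        catch (SecurityException e) { System.out.println("sibling: " + e.getMessage()); }

        Revocable lent = trusted.delegate();
        Worker subcontractor = new Worker(lent);
        System.out.println("subcontractor: " + subcontractor.summarize());
        lent.revoke();                      // grantor withdraws the delegation
        try { subcontractor.summarize(); }
        catch (SecurityException e) { System.out.println("subcontractor: " + e.getMessage()); }
    }
}
```

The scheme holds only while references to the holding object and its private field stay controlled, which is the access-control requirement raised in the message.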
