[Cryptography] Do capabilities work? Do ACLs work?
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Feb 11 01:15:38 EST 2015
ianG <iang at iang.org> writes:
>Also, the users continue to demand ACLs.
I don't think users demand ACLs (or capabilities), they demand some means of
doing things like "make sure the competition doesn't get hold of our business
plans" or "make sure no-one outside payroll and the employee concerned can see
pay details". Whether you use ACLs, capabilities, or nasally-housed demons
doesn't really matter.
Having said that, ACLs are better-suited to expressing most of what users want
then capabilities. The reason why both Unix and Windows use groups and
permissions the way they do isn't because of a grand anti-capability
conspiracy, it's because that's the most practical/real-world-applicable way
to do it.
Peter.
More information about the cryptography
mailing list