Talk:Object-capability languages

From Erights

(Difference between revisions)
Jump to: navigation, search
Line 1: Line 1:
-
Why do you think Erlang is "almost an object-capability language"? I think, it is an example of programming languages that is "not and far from being an object-capability language". Systems written in Erlang have all or nothing security. The whole system written in Erlang is as secure as its most malicious component. It is not possible to fix this straightforwardly. The language nature would have to change. Designations of processes are not capabilities (but guessable integers). Designations of functions are not integers (but atoms and you can freely convert between arbitrary strings and atoms. You can freely invent atoms). The permission to call a function are set by a poor module system. Erlang supports "hot code updates" which gives attacker (from untrusted subsystem) an authority to replace any code anywhere in the system. There are many holes in Erlang. I am skeptical. [[User:Kosik|Kosik]] 03:50, 2 April 2009 (CDT)
+
Why do you think Erlang is "almost an object-capability language"? I think, it is an example of programming languages that is "not and far from being an object-capability language". Systems written in Erlang have all or nothing security. The whole system written in Erlang is as secure as its most malicious component. It is not possible to fix this straightforwardly. The language nature would have to change. Designations of processes are not capabilities (but guessable integers). Designations of functions are not integers (but atoms and you can freely convert between arbitrary strings and atoms. You can freely invent atoms). The permission to call a function are set by a poor module system. Erlang supports "hot code swapping" (or some similar term) which gives attacker (from untrusted subsystem) an authority to replace any code anywhere in the system. There are many holes in Erlang. I am skeptical. [[User:Kosik|Kosik]] 03:50, 2 April 2009 (CDT)

Revision as of 08:54, 2 April 2009

Why do you think Erlang is "almost an object-capability language"? I think, it is an example of programming languages that is "not and far from being an object-capability language". Systems written in Erlang have all or nothing security. The whole system written in Erlang is as secure as its most malicious component. It is not possible to fix this straightforwardly. The language nature would have to change. Designations of processes are not capabilities (but guessable integers). Designations of functions are not integers (but atoms and you can freely convert between arbitrary strings and atoms. You can freely invent atoms). The permission to call a function are set by a poor module system. Erlang supports "hot code swapping" (or some similar term) which gives attacker (from untrusted subsystem) an authority to replace any code anywhere in the system. There are many holes in Erlang. I am skeptical. Kosik 03:50, 2 April 2009 (CDT)

Personal tools
more tools