Talk:Object-capability languages

From Erights

Revision as of 16:05, 24 July 2009 by Kosik (Talk)
Jump to: navigation, search

Why do you think Erlang is "almost an object-capability language"? I think, it is an example of programming languages that is "not and far from being an object-capability language". Systems written in Erlang have all or nothing security. The whole system written in Erlang is as secure as its most malicious component. It is not possible to fix this straightforwardly. The language nature would have to change. Designations of processes are not capabilities (but guessable integers). Designations of functions are not capabilities (but atoms and you can freely convert between arbitrary strings and atoms. You can freely forge any atom). The permission to call a function are set by a poor module system. Erlang supports "hot code swapping" (or some similar term) which gives attacker (from untrusted subsystem) an authority to replace any code anywhere in the system. There are many holes in Erlang. I am skeptical. Kosik 03:50, 2 April 2009 (CDT)

Personal tools
more tools