CapDesk is a distributed desktop shell, written in E.
CapDesk is a distributed file browser and caplet launcher. It enables users to browse their own files, much like an ordinary desktop shell like GNOME's Nautilus or KDE's Konqueror. Users can double-click files to have them opened by applications for editing or viewing as normal, and use the shell to install new applications on their system. For example, double-clicking on a text file causes CapDesk to launch a text editor that enables the user to edit the file.
CapDesk differs from standard desktop shells, however, in its aggressive enforcement of the Principle of Least Authority (POLA).Double-clicking a file causes CapDesk to launch a caplet. Caplets are similar to standard applications, except that they are explicitly designed to be launched by CapDesk and must be written in E. When launching a caplet in response to the user double-clicking a file, CapDesk enforces POLA by granting the caplet only the ability to edit the specific file that was double-clicked and nothing else. Opening a new file within a caplet using the "Open File" dialog, causes CapDesk to grant the caplet the ability to access that file only, and no others. In this way, caplets are given the minimum authority required for them to function without requiring the user to do anything that they wouldn't otherwise do during the course of their work.
To run it, first install E. Then run the E script in
scripts/capDesk.e-swt. The former uses the AWT/Swing library to implement CapDesk's Graphical User Interface, while the latter uses SWT. SWT looks nicer but may not work without special configuration.
The first thing to do once CapDesk is running is to install some caplets. Navigate to the directory in which E was installed. Then navigate to the
caplets/ subdirectory. This directory should contain files ending in
.caplet. These are individual caplets which you can install to make CapDesk useful. Choose one, such as
CapEdit.caplet, right-click it and choose the Install option from the pop-up menu. This causes CapDesk to launch the caplet installer.
TODO: info about the installer, petnames, etc. Use CapEdit as the example. Add screenshots.
A Security Analysis of the Combex DarpaBrowser Architecture, David Wagner and Dean Tribble, March 4, 2002