Talk:Object-capability languages

From Erights

Jump to: navigation, search

Why do you think Erlang is "almost an object-capability language"? I think, it is an example of programming languages that is "not and far from being an object-capability language". Systems written in Erlang have all or nothing security. The whole system written in Erlang is as secure as its most malicious component. It is not possible to fix this straightforwardly. The language nature would have to change. Designations of processes are not capabilities (but guessable integers). Designations of functions are not capabilities (but atoms and you can freely convert between arbitrary strings and atoms. You can freely forge any atom). The permission to call a function are set by a poor module system. Erlang supports "hot code swapping" (or some similar term) which gives attacker (from untrusted subsystem) an authority to replace any code anywhere in the system. There are many holes in Erlang. I am skeptical. Kosik 03:50, 2 April 2009 (CDT)

I did not dig deeper, but Scala might be also an object-capability programming language. Kosik 11:20, 14 April 2011 (CDT)

It might be also worthwhile analyze Lua and describe why it is or it is not an object-capability programming language. Kosik 04:14, 15 April 2011 (CDT)

Personal tools
more tools