I've been distracted by holiday events, but this requires a reply.

On Sat, 20 Dec 2003, Aahz wrote:
> Exactly. From my observations of these discussions, there are
> essentially only two reasons for restricted execution:
>
> * To simplify things by reducing the potential solution space
>
> * To protect a system against a hostile attacker

There is a huge blind spot in your claim. You forgot:

* To limit the damage caused by a bug in your program

* To make your programs have more predictable behaviour

Capabilities are about making clear what parts of your program can
and can't do.

> Supposedly there's a middle ground of untrusted but non-hostile code,
> but what's the point of providing support for that?

Have you ever used a library written by someone else?
Have you ever found a bug in something you wrote yourself?

"Untrusted but non-hostile code" is what all of us write every day.

-- ?!ng