by xerox13ster 620 days ago
I'm extremely confused by your first statement. If I take out all the parentheticals, I get:

"My idea of an operating system design, that all I/O must use capabilities."

Any OS feature is a capability. Time and date are not I/O. What does capability mean to you?

Then you go on to say that the built-in language will allow definition of proxy capabilities "and the C programming language can also be used".

How exactly does the inclusion of C avoid invasion of privacy? What such invasions? How does the conclusion follow?

I am sincere, please help me make sense of what you are saying.

1 comments

I am sorry if I am being unclear. I will try to answer your questions.

> Time and date are not I/O.

In my system, they are. Anything except deterministic operations on the program's own memory is considered I/O.

> What does capability mean to you?

"Capability" refers to capability-based security. For a program to do any I/O, it must be given an object called a "capability" (which is similar to, but different from, a "file descriptor" in UNIX). There is no ambient authority; to open a file you must already be given a capability to open a file, etc. Capabilities can also be used to give someone else an additional capability.

A "proxy capability" is a capability that a program makes up itself, which can be used to pass messages between itself and another program that the proxy capability is given to. Programs cannot distinguish between a proxy capability and any other capability, therefore ensuring that anything that an application program would know from outside of itself can be overridden by the user. So, if a program wants to track your location, a proxy capability can be used to give fake location data (this is useful for testing as well, and also for other purposes e.g. if your computer cannot determine your location but you want to specify it anyways).

> How exactly does the inclusion of C avoid invasion of privacy?

Avoiding invasion of privacy is independent of what programming language is used.
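
A toy model of the scheme described in the reply above, added here as an illustration; it is not code from either commenter or from the operating system being discussed. Every name in it (`Capability`, `tracker_app`, `coarse_location`, and so on) is hypothetical, and the coordinates and timestamp are constructed sample values.

```python
"""Toy model of capabilities and proxy capabilities (hypothetical names throughout)."""

class Capability:
    """Opaque handle. A holder can send it a message and read the reply, nothing else."""
    __slots__ = ("_handler",)

    def __init__(self, handler):
        self._handler = handler

    def call(self, msg):
        # Copy the message so the two sides share no mutable state.
        return self._handler(dict(msg))


# "System" capabilities, standing in for what the OS would hand out.
# The coordinates and timestamp are constructed sample values.
def system_location():
    return Capability(lambda msg: {"lat": 48.85837, "lon": 2.29448})

def system_clock():
    return Capability(lambda msg: {"unix": 1700000000})


# Proxy capabilities: ordinary user code answers the messages instead.
def fixed_location(lat, lon):
    return Capability(lambda msg: {"lat": lat, "lon": lon})

def coarse_location(inner, places=1):
    """Forward to a real location capability, then round the reply."""
    def handler(msg):
        reply = inner.call(msg)
        return {k: round(v, places) for k, v in reply.items()}
    return Capability(handler)


def tracker_app(location, clock, report):
    """An application: its only I/O is through the capabilities it was given."""
    pos = location.call({"op": "read"})
    now = clock.call({"op": "read"})
    report.call({"op": "write", "lat": pos["lat"], "lon": pos["lon"], "t": now["unix"]})


def run(location, clock):
    """Launch tracker_app with a recording proxy as its output; return what it sent."""
    seen = []
    report = Capability(lambda msg: seen.append(msg) or {"ok": True})
    tracker_app(location, clock, report)
    return seen
```

`tracker_app` is identical in every run; only the capabilities chosen by whoever launches it differ, which is how the user decides what location the program sees and where its report goes.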