I am interested in new operating system technologies and new approaches to software systems.
I have been looking at Forth, Plan9, Java, Python, Inferno, Hurd, and other systems. Now I am reviewing Squeak and Smalltalk.
I joined the Squeak-E list because I saw a mention of capabilities as a security approach for Squeak or Smalltalk.
Can someone give me a little background on how this list appeared and what the topic is?
Thanks, Shane
email: shane@shaneroberts.com
Welcome to squeak, Shane.
On Friday, January 31, 2003, at 11:56 PM, shane@shaneroberts.com wrote:
Can someone give me a little background on how this list appeared and what the topic is?
How much background are you looking for? I believe it starts in the late '60s :) There is a lot of history here. See http://minnow.cc.gatech.edu/squeak/389
The list was just formed to take a look at what a secure squeak would look and smell like.
see http://www.squeak.org and http://www.erights.org
cheers, rob
Rob, I'm probably familiar with some of the background.
I have been a programmer since 1980 and have followed trends in the industry over the years, to a certain extent.
I am familiar with the background of Smalltalk and Squeak.
What I am not familiar with is capabilities, which I only stumbled on recently. My interest in the E-list is that I want to understand how to implement Internet security in relation to distributed objects, secure communications, and resisting hacker attacks (not sure there is a way to defend against denial of service under the present Internet implementation, except for certain router configuration techniques).
Anyway, in skimming through the capabilities literature, it seems access lists are considered cumbersome and ineffectual, and that "capabilities or better." Thus I am curious to learn more.
Shane
On 1 Feb 2003 at 14:32, Robert Withers wrote:
Welcome to squeak, Shane.
On Friday, January 31, 2003, at 11:56 PM, shane@shaneroberts.com wrote:
Can someone give me a little background on how this list appeared and what the topic is?
How much background are you looking for? I believe it starts in the late '60s :) There is a lot of history here. See http://minnow.cc.gatech.edu/squeak/389
The list was just formed to take a look at what a secure squeak would look and smell like.
see http://www.squeak.org and http://www.erights.org
cheers, rob
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Shane,
That's great. You and I are in a similar situation. I know a limited amount about capabilities and even less about how to implement a language to support them. That is why we are here on this list. In my understanding, the basic premise is that you can only send a message to a reference you have. You can get references only a few ways. Someone basically has to give you the reference to an object. The language and environment should be secure from leaking references.
I would recommend reading as much as possible on the erights site. It is very interesting.
cheers, rob
On Saturday, February 1, 2003, at 02:52 PM, shane@shaneroberts.com wrote:
Rob, I'm probably familiar with some of the background.
I have been a programmer since 1980 and have followed trends in the industry over the years, to a certain extent.
I am familiar with the background of Smalltalk and Squeak.
What I am not familiar with is capabilities, which I only stumbled on recently. My interest in the E-list is that I want to understand how to implement Internet security in relation to distributed objects, secure communications, and resisting hacker attacks (not sure there is a way to defend against denial of service under the present Internet implementation, except for certain router configuration techniques).
Anyway, in skimming through the capabilities literature, it seems access lists are considered cumbersome and ineffectual, and that "capabilities or better." Thus I am curious to learn more.
Shane
On 1 Feb 2003 at 14:32, Robert Withers wrote:
Welcome to squeak, Shane.
On Friday, January 31, 2003, at 11:56 PM, shane@shaneroberts.com wrote:
Can someone give me a little background on how this list appeared and what the topic is?
How much background are you looking for? I believe it starts in the late '60s :) There is a lot of history here. See http://minnow.cc.gatech.edu/squeak/389
The list was just formed to take a look at what a secure squeak would look and smell like.
see http://www.squeak.org and http://www.erights.org
cheers, rob
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Robert, OK, I will study the erights.org site and see what I get out of it.
Shane
On 1 Feb 2003 at 16:31, Robert Withers wrote:
Shane,
That's great. You and I are in a similar situation. I know a limited amount about capabilities and even less about how to implement a language to support them. That is why we are here on this list. In my understanding, the basic premise is that you can only send a message to a reference you have. You can get references only a few ways. Someone basically has to give you the reference to an object. The language and environment should be secure from leaking references.
I would recommend reading as much as possible on the erights site. It is very interesting.
cheers, rob
On Saturday, February 1, 2003, at 02:52 PM, shane@shaneroberts.com wrote:
Rob, I'm probably familiar with some of the background.
I have been a programmer since 1980 and have followed trends in the industry over the years, to a certain extent.
I am familiar with the background of Smalltalk and Squeak.
What I am not familiar with is capabilities, which I only stumbled on recently. My interest in the E-list is that I want to understand how to implement Internet security in relation to distributed objects, secure communications, and resisting hacker attacks (not sure there is a way to defend against denial of service under the present Internet implementation, except for certain router configuration techniques).
Anyway, in skimming through the capabilities literature, it seems access lists are considered cumbersome and ineffectual, and that "capabilities or better." Thus I am curious to learn more.
Shane
On 1 Feb 2003 at 14:32, Robert Withers wrote:
Welcome to squeak, Shane.
On Friday, January 31, 2003, at 11:56 PM, shane@shaneroberts.com wrote:
Can someone give me a little background on how this list appeared and what the topic is?
How much background are you looking for? I believe it starts in the late '60s :) There is a lot of history here. See http://minnow.cc.gatech.edu/squeak/389
The list was just formed to take a look at what a secure squeak would look and smell like.
see http://www.squeak.org and http://www.erights.org
cheers, rob
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
There are others on this list who could explain bette than I. i am also new to it
rob
On Saturday, February 1, 2003, at 05:38 PM, shane@shaneroberts.com wrote:
Robert, OK, I will study the erights.org site and see what I get out of it.
Shane
On 1 Feb 2003 at 16:31, Robert Withers wrote:
Shane,
That's great. You and I are in a similar situation. I know a limited amount about capabilities and even less about how to implement a language to support them. That is why we are here on this list. In my understanding, the basic premise is that you can only send a message to a reference you have. You can get references only a few ways. Someone basically has to give you the reference to an object. The language and environment should be secure from leaking references.
I would recommend reading as much as possible on the erights site. It is very interesting.
cheers, rob
On Saturday, February 1, 2003, at 02:52 PM, shane@shaneroberts.com wrote:
Rob, I'm probably familiar with some of the background.
I have been a programmer since 1980 and have followed trends in the industry over the years, to a certain extent.
I am familiar with the background of Smalltalk and Squeak.
What I am not familiar with is capabilities, which I only stumbled on recently. My interest in the E-list is that I want to understand how to implement Internet security in relation to distributed objects, secure communications, and resisting hacker attacks (not sure there is a way to defend against denial of service under the present Internet implementation, except for certain router configuration techniques).
Anyway, in skimming through the capabilities literature, it seems access lists are considered cumbersome and ineffectual, and that "capabilities or better." Thus I am curious to learn more.
Shane
On 1 Feb 2003 at 14:32, Robert Withers wrote:
Welcome to squeak, Shane.
On Friday, January 31, 2003, at 11:56 PM, shane@shaneroberts.com wrote:
Can someone give me a little background on how this list appeared and what the topic is?
How much background are you looking for? I believe it starts in the late '60s :) There is a lot of history here. See http://minnow.cc.gatech.edu/squeak/389
The list was just formed to take a look at what a secure squeak would look and smell like.
see http://www.squeak.org and http://www.erights.org
cheers, rob
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
Squeak-e mailing list Squeak-e@lists.squeakfoundation.org http://lists.squeakfoundation.org/listinfo/squeak-e
squeak-e@lists.squeakfoundation.org