[e-lang] Re: Comments on Lex's "Object as Capabilities in Squeak"

Lex Spoon lex at cc.gatech.edu
Fri Jan 31 10:00:25 UTC 2003

Robert Withers <rwithers12 at attbi.com> wrote:

> How would it be different?  Where would it hurt?  I can imagine that it 
> would be a beautiful engine, asynchronously sending messages and making 
> sure things synchronize later.  Events from the external system would 
> just be another message send into the image.  You wouldn't need an idle 
> loop.  You could schedule the message sends based on cost feedback.  I 
> don't have as good a feel for what SafeSqueak would feel like, though.
> Well, it wouldn't take a community commitment, of course, but it would 
> require some core group of enthusiasts.   I think they are out there.  
> :-)

SafeSqueak would also demonstrate to the Smalltalk community that such a
wonderful way to do in-language security is available.  Honestly, one
reason I got into this is that it drives me crazy whenever someone says
"we need security, so lets add passwords" or "we need security, so lets
start using cryptographic signatures".  If I start telling them about
capabilities, they currently just say "that's only theore.  It's
spinning my head, and I already understand and can use these other
methods, anyway.  Security = passwords.  nya nya nya i can't here you".

Yarg!!  If we start saying "Well, SafeSmalltalk does it this way", and
even better "SafeSmalltalk automatically prevents the security hole you
just got in your Java program", then these discussions will go a lot
more nicely.  Further, the world will start getting populated with more
secure software.  The most aggravating part of the computing industry is
that people keep doing stupid things out of ignorance.  There's little
respect far what has been studied already.  One of the chief designers
actually stood up at OOPSLA in front of 1000+ people a few years ago and
said he didn't see much point to having closures in his language.


More information about the Squeak-dev mailing list