
> To make a memory safe language capability secure, you simply remove all sources of ambient authority.

Isn't this more or less what Sun tried to do with Java applets, which in practice turned out not to be so simple while providing a rich API?




> Isn't this more or less what Sun tried to do with Java applets, which in practice turned out not to be so simple while providing a rich API?

I'm not familiar with the Java applet model specifically, but Java's general security model is based on stack inspection, which is nothing like capabilities.


http://www.cs.cornell.edu/home/chichao/sip99.ps

http://www4.cs.fau.de/Projects/JX/

Note: JX takes a different route but shows POLA can be done simply and performantly.



