[Python-Dev] Re: Capabilities

Ben Laurie ben@algroup.co.uk
Thu, 13 Mar 2003 10:47:59 +0000

Greg Ewing wrote:
> Ben Laurie <ben@algroup.co.uk>:
>>If I understand them correctly, a Zope proxy where the security checker 
>>always says "yes" is a capability. Except, possibly, they may be 
>>forgeable, I don't know them well enough to know.
> A security checker that could be easily forged wouldn't
> be very, er, secure, would it?-)

Its the proxy that needs to be unforgeable. And since their model is 
role-based, I assume its not a fundamental requirement for them.



http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff