Capability

Reference 1

ACL vs Capability

Access control list: attributes on objects, stating which subjects has which permissions;

  • e.g. file permission attribute bits on Linux.

Capability: attributes on subjects, stating the subject has what permissions over certain objects;

  • format, each capability has form of ; a subject can have a list of capabilities.
  1. reference ↩
Created May 16, 2020 // Last Updated Dec 6, 2021

If you could revise
the fundmental principles of
computer system design
to improve security...

... what would you change?