http://www.newlc.com/topic-14318 Comments for "Capabilities and executables" en http://www.newlc.com/topic-14318#comment-31264 <div class="smf-content">Fructose,<br /><br />You&#039;re right, server B can hide server C&#039;s APIs so that it doesn&#039;t enforce those strict capabilities that C does. Please note, though, that it&#039;s not trivial to write such a server (B) as holding strong capabilities requires signing the program. And signing means that server B will be reviewed and the author of that component must have good arguments for hiding the system capability enforcement of another component.<br /><br />Tote</div> Thu, 11 May 2006 23:15:33 +0200 tote comment 31264 at http://www.newlc.com http://www.newlc.com/topic-14318#comment-31263 <div class="smf-content">I suppose C feels that it has a good reason to trust A, and that it has a way to check that the request actually comes from A and not from D (which is a very destructive app, intent on destroying the universe).&nbsp; </div> Wed, 10 May 2006 09:15:03 +0200 puterman comment 31263 at http://www.newlc.com http://www.newlc.com/topic-14318 <div class="smf-content"></div><p><a href="http://www.newlc.com/topic-14318">read more</a></p> http://www.newlc.com/topic-14318#comments Platform Security Wed, 10 May 2006 00:03:12 +0200 Fructose 14251 at http://www.newlc.com