Hacker News new | past | comments | ask | show | jobs | submit login

I just realised it's 2019 and capabilities are still misunderstood, and the ACL-capability-equivalency myth continues to result in poor solutions to security problems.

For anybody who is curious, the general problem here is described in two great papers as "the confused deputy" [1] and "designation without authority" [2].

Roughly put, systems built with ACLs as the primitive mechanism for authorization can never produce practically secure systems.

[1] http://zoo.cs.yale.edu/classes/cs422/2010/bib/hardy88confuse...

[2] http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf

I fear that it's because we don't know how to make globes. [0]

[0] https://corbinsimpson.com/words/globe.html

Reading that felt surprisingly familiar! I pottered about for 2 years trying to build a GUI for a Globe-based world and gave up.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact