Cabsec by example... the fun game

There is a fun game called Bubble Breaker... I like to play it while I'm waiting for things to compile, format, etc.. but it has one big problem... it plays sounds... and doesn't provide a mute. I have a program that I trust, except for the annoying sounds.

In a cabsec world, I would just not supply it with the ability to write to the sound channel, and it would still work. It's the inability to express my desire to simple NOT MAKE SOUND that is frustrating. Sound is a simple thing that doesn't permanently affect my system, I also have no way to express other, more crucial limits.

This is the heart of cabsec, the ability to explicitly supply capabilities to a program, instead of having to manually block off everything.

Persevere - First impressions

The Persevere project is an open source set of tools for persistence and distributed computing using intuitive standards-based JSON interfaces of HTTP REST, JSON-RPC, JSONPath, and HTTP Channels. The core of the Persevere project is the Persevere Server. The Persevere server includes a Persevere JavaScript client, but the standards-based interface is intended to be used with any framework or client.

The interesting thing about this is that they mention capabilities in their security model, and they offer support for pluggable security modules. So, even if they don't due "pure" capabilities, someone else could add a library that does.