summaryrefslogtreecommitdiff
path: root/capability.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'capability.mdwn')
-rw-r--r--capability.mdwn8
1 files changed, 4 insertions, 4 deletions
diff --git a/capability.mdwn b/capability.mdwn
index ddadf137..7219cdce 100644
--- a/capability.mdwn
+++ b/capability.mdwn
@@ -11,7 +11,7 @@ License|/fdl]]."]]"""]]
A capability is a protected reference. It is a reference in that
it designates an object; it is protected in that in cannot be
-forged. A capabilities both designates the object it refers to and
+forged. A capability both designates the object it refers to and
carries the authority to manipulate it.
By binding [[designation]] and [[authorization]] together, capabilities
@@ -25,7 +25,7 @@ to protect against A hijacking his authority. (This problem is
refused to the [[confused_deputy]] problem.) Also, since A likely
sent a string to identify the file to B, the identifier lacks a
[[naming_context]] and therefore may resolve to a different object
-than A intended. Be ensuring that [[designation]] and [[authorization]] are
+than A intended. By ensuring that [[designation]] and [[authorization]] are
always bound together, these problems are avoided.
Capability-based system architectures strive to meet the *principle of least
@@ -39,8 +39,8 @@ individually); attenuation design pattern, membranes
(wikipedia_object-capability_model)?
-->
-A capability mechanism is typically implemented in software my the operating
-system kernel (typically a [[microkernel]]. The computing cost (as compared to
+A capability mechanism is typically implemented in software by the operating
+system kernel (typically a [[microkernel]]). The computing cost (as compared to
a hardware implementation) is neglectable.