Capability Theory by Sound Bytes is a collection of insights for designing capability based systems. Collected, edited and collated by Norm Hardy of Cap-lore
Norm and I recently connected on email to discuss capabilities:
"A point I failed to make in my previous mail is that the security bugs in Linux are in the specs, not necessarily the implementation of the specs." "Implementing the wrong specs in a language gives you a program that does not provide security." "In short the main problem with Linux is static permissions and too coarse permissions."