ideas-computer-jasper-jasperCapabilities

two types of capabilities: advisory and security. advisory capabilities can be overridden by debug code.

capabilities are implemented by hiding various nodes in object graphs.

code can be placed in the equivalent of a 'user group', and capabilities on an object can be restricted by default but then available to various user groups

there are also 'ulimit'-ish capabilities, which are values that specify how much of some resource code can use.

the capabilities currently in force are stored in part of the meta tree for objects and semiglobals (dynamically scoped objects). these are readable by all but not writable without the 'admin' capability.

list of capabilities:

note: read/write applies to things like stdin, stdio, filesystem, particular files (as a special case of reading/writing to general sensors/effectors).

toreads