A capability is a protected reference. It is a reference in that it designates an object; it is protected in that it cannot be forged. A capability both designates the object it refers to and carries the authority to manipulate it.
By binding designation and authority together, capabilities simplify . Imagine that program instance A wants to tell program B to use a particular file to store some data. Further imagine that A and B are running in different (e.g., with different UIDs). If A sends B just the name of the file, B needs to first ensure that he does not accidentally enable A to access the file on his own authority. That is, B wants to protect against A hijacking his authority. (This problem is referred to as the confused deputy problem.) Also, since A likely sent a string to identify the file to B, the identifier lacks a naming context and therefore may resolve to a different object than A intended. By ensuring that designation and authority are always bound together, these problems are avoided.
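The file scenario above, as an added example that is not part of the original page: a POSIX file descriptor passed over a Unix socket stands in for a capability (an analogy chosen here, not the Hurd's port-right mechanism), and is contrasted with passing a bare name. The function names, the file name `out.dat` and the single-process setup are assumptions for illustration; it needs Python 3.9+ on a Unix system.

```python
import os
import socket
import tempfile


def deputy_store_by_name(name: str, data: bytes) -> str:
    """Deputy B given only a name: B resolves it in its own naming context
    and with its own authority. Returns the path actually written."""
    with open(name, "wb") as f:  # B's cwd and B's permissions pick the target
        f.write(data)
    return os.path.realpath(name)


def deputy_store_by_fd(chan: socket.socket, data: bytes) -> None:
    """Deputy B given a descriptor: it writes to exactly the object A
    designated, using only the authority A handed over."""
    _msg, fds, _flags, _addr = socket.recv_fds(chan, 16, 1)
    with os.fdopen(fds[0], "wb") as f:
        f.write(data)


def demo() -> dict:
    # Constructed sample setup: two scratch directories play A's and B's contexts.
    a_dir, b_dir = tempfile.mkdtemp(), tempfile.mkdtemp()
    a_file = os.path.join(a_dir, "out.dat")
    open(a_file, "wb").close()  # the object A actually means

    # Name-based request: A says "out.dat"; B resolves it from B's own cwd.
    old_cwd = os.getcwd()
    os.chdir(b_dir)
    try:
        written = deputy_store_by_name("out.dat", b"by-name")
    finally:
        os.chdir(old_cwd)

    # Capability-style request: A opens the file and passes the descriptor.
    a_end, b_end = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    fd = os.open(a_file, os.O_WRONLY)
    socket.send_fds(a_end, [b"store"], [fd])
    os.close(fd)  # the copy in flight stays valid for the receiver
    deputy_store_by_fd(b_end, b"by-fd")
    a_end.close()
    b_end.close()

    with open(a_file, "rb") as f:
        a_content = f.read()
    return {"name_hit_a_file": written == os.path.realpath(a_file),
            "a_file_content": a_content}


if __name__ == "__main__":
    print(demo())
```

The name-based call lands on a different file than A intended, while the descriptor-based call can only reach the file A opened.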
Capability-based system architectures strive to meet the principle of least privilege (Wikipedia, principle of least privilege).
A capability mechanism is typically implemented in software by the operating system kernel (typically a microkernel). The computing cost (as compared to a hardware implementation) is negligible.
IRC, freenode, #hurd, 2013-07-01
    <nlightnfotis> I have read plenty of documents, and wrapped my head around most Hurd concepts, but I still have not understood well what capabilities are.
    <youpi> Mmm, which capabilities?
    <youpi> AIUI, the Hurd doesn't really have a notion of capabilities, just a notion of owning a port right
    <nlightnfotis> From what I have understood (from the critique) they reference ports so the objects can be referenced via them
    <youpi> (which provides processes a way for doing things)
    <youpi> ok, so we are talking about the same thing, I guess
    <nlightnfotis> ahh, that's cool. I thought there was more to the story that I couldn't understand
What is a Capability, Anyway?, Jonathan Shapiro, 1999. This is an easily readable introduction with good examples. In the author's own words, the text provides a layman's introduction to capabilities, describing what they are, what they do, and why they result in better security than today's computer systems.