[cap-talk] getting authorization from the user and the great insight
ihab.awad at gmail.com
ihab.awad at gmail.com
Fri Oct 5 00:46:00 EDT 2007
On 10/4/07, Jed Donnelley <jed at nersc.gov> wrote:
> In the context of running computer programs
> I use that term to denote the granting of
> a permission to access an object. I very much
> doubt your sentence ever appeared as an
> object that was access controlled.
If I highlight a sentence in component A and drag it to component B,
assuming everything is written in a fine-grained capability runtime
such as E, B gets a reference to a TextSnippet object from A. This
object *is* a capability in that it conveys authority hitherto
unavailable to B. One would assume that either A makes a defensive
copy, or wraps the text in an object that ensures no other part of the
text is leaked over to B.
So the piece of text is protected by capability security.
To use your city hall analogy, if I walk up to someone and dictate to
them my bank account details, I *am* giving them authority.
So I guess my point is that, in the general sense, no class of actions
can be partitioned out as being devoid of authority implications by
virtue of application programming concerns alone. Some typing of ascii
text may convey huge amounts of authority, while some dragging,
dropping and linking of objects may convey no useable authority at all
(e.g., if I drag a URL to a resource that is well known to everyone
anyway, like the Google logo GIF file).
Ihab
--
Ihab A.B. Awad, Palo Alto, CA
More information about the cap-talk
mailing list