[cap-talk] Capabilities giving up control?
Mark Miller
erights at gmail.com
Mon Jan 21 00:18:43 EST 2008
On Jan 20, 2008 5:02 AM, John McCabe-Dansted <gmatht at gmail.com> wrote:
> However I'd like to clarify one possible exception. We may casually say that
> X can "influence" Y via a covert channel, but Y might not be in the
> transitive closure of permissions. Or would we say that X and Y have
> permissions to the shared resource used to implement the covert channel?
>
> However, we might still have the case: X -> Resource <- Y
> But not: X -> Resource -> Y
>
> Or are permissions reflexive?
Ignoring the overt-vs-covert issue covered in my previous message, you
touch on another distinction here which is related to but different
than the permissions vs authority distinction. In an ocap system, if
Alice has permission to talk to Bob, Alice can send Bob permission to
talk to Alice. Referring to Table 8.1 on p60 of
<http://www.cypherpunks.to/erights/talks/thesis/markm-thesis.pdf>,
"current permissions" (CP) are not reflexive but a "topological bound
on eventual permissions" (TP) is reflexive. In an ocap system, TP is
the transitive *bidirectional* closure over CP.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list