[cap-talk] "ambient authority" on wiki.erights.org
Mark Miller
erights at gmail.com
Thu Jun 11 14:17:39 EDT 2009
On Thu, Jun 11, 2009 at 9:47 AM, David-Sarah Hopwood <
david-sarah at jacaranda.org> wrote:
> It also doesn't really capture the fact that it is characteristic
> of ambient authority that requests refer to objects by forgeable names.
If by "characteristic" you mean "typical but not necessary", then yes. But
do note that it is not a necessary property. If we take the original
confused deputy example and substitute unforgeable opaque authority-free
file designators for the file names, we still have ambient authority leading
to confused deputy.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.eros-os.org/pipermail/cap-talk/attachments/20090611/18a2690b/attachment.html
More information about the cap-talk
mailing list