[cap-talk] "ambient authority" on wiki.erights.org

Matej Kosik kosik at fiit.stuba.sk
Thu Jun 11 18:24:38 EDT 2009


Mark Miller wrote:
> On Thu, Jun 11, 2009 at 9:47 AM, David-Sarah Hopwood
> <david-sarah at jacaranda.org> wrote:
> 
>     Matej Kosik wrote:
>     > What about this:
>     > http://wiki.erights.org/wiki/Ambient_authority
>     > (that page can be deleted by wiki administrator if it is inappropriate)
> 
>     # If a subject can operate on all objects of a given type, we say that
>     # it has ambient authority.
> 
> 
> Huh? I am completely confused. What do types have to do with anything?

That is, I think, the weakness of the definition I thought was good. It is
not usual to think that objects

  (from this context:

     http://en.wikipedia.org/wiki/Access_control#Computer_security

  )

have types. In (e.g.) UNIX there are many objects which have different
types:
- there is a set of objects we call "files"
- there is a set of objects we call "processes"
- there is a set of objects we call "TCP ports"
- there is a set of objects we call "UDP ports"
- etc.
It makes sense to speak about types because there is a different set of
operations we can perform on different types of objects.

We can kill a process but we cannot kill a file (send it a KILL signal).
Etc.

But this may be unusual (although I think reasonable) thinking. If yes,
then it would not be wise to define one term (ambient authority) with
terms that should be interpreted in an unusual way. I agree.

