[cap-talk] "ambient authority" on wiki.erights.org
David-Sarah Hopwood
david-sarah at jacaranda.org
Mon Jun 15 14:55:44 EDT 2009
Karp, Alan H wrote:
> David-Sarah Hopwood wrote:
>> The dereference of the static variable represents use of ambient authority.
>>
> No it doesn't. The object is referenced explicitly.
The object dereferenced by name, from a global namespace (assuming
we are considering global static variables), without specifying any
additional permission that grants the authority to dereference this
variable.
There is no essential difference between this and the fopen+fread example:
in both cases you have an ambient dereferencing operation, followed by a
non-ambient use of the obtained reference.
> The fact that any object can use the reference is irrelevant to whether or
> permissions are ambient.
Yes, it is. That doesn't contradict my point. If any subject can
dereference the static variable without specifying any permission,
then the dereferencing operation is ambient.
(This may be harmless if the obtained authority is not significant,
as in the case of access to public immutable data, for instance.)
--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
More information about the cap-talk
mailing list