[cap-talk] "ambient authority" on wiki.erights.org

Rob Meijer capibara at xs4all.nl
Fri Jun 19 02:34:06 EDT 2009 

On Fri, June 19, 2009 06:06, Rob Meijer wrote:
>
> class FileSystem {
>   static map<string,FileObject> mFiles;
>   static openFile(string filename) {
>      return mFiles[filename];
>   }
> }
> function copy(String outName, String inName){
>   File in  = FileSystem::openFile(inName);
>   File out = FileSystem::openFile(outName);
>   out.write(in.read());}
> }
> main(String a, String b){
>  copy(a,b);
>  return;
> }

This example might be useful to get our standpoints more clear.
I hope the above is an example we can all agree uses ambient authority.
Lets make a few modified versions and see how we think about those.

class FileSystem {
  static map<string,FileObject> mFiles;
  static openFile(string filename) {
     return mFiles[filename];
  }
}
function copy_ab(){
  File in  = FileSystem::openFile("a");
  File out = FileSystem::openFile("b");
  out.write(in.read());}
}
main(){
 copy_ab();
 return;
}

It seems that all parties involved have exactly the same authority as in
the first example, we are still using and dereferencing names, so I would
not see any reason why this to wouldn't constitute ambient authority,
agreed?

Now lets take it one step further:

class FileSystem {
  static FileObject mFileA;
  static FileObjext mFileB;
  static openAFile(string filename) {
     return mFileA;
  }
  static openBFile(string filename) {
     return mFileB;
  }
}
function copy_ab(){
  File in  = FileSystem::openFileA();
  File out = FileSystem::openFileB();
  out.write(in.read());}
}
main(){
 copy_ab();
 return;
}

Now again nothing changes in the authority of anything compared to the
previous two examples, we are still using names, although variable names
instead of string values, still names, so I would think we are still
talking about ambient authority. Do we all agree on that?

Now lets see if we reduce this further:

class Copier {
  static FileObject sFileA;
  static setSourceFile(FileObject a) {
     sFileA=a;
  }
  void copy(FileObject fileb) {
     sFileA.seek(0);
     fileb.write(sFileA.read());}
  }
}
main (FileObject a,FileObject b, FileObject c){
  Copier::setSourceFile(a);
  copy_from_a = new Copier();
  copy_from_a.copy(b);
  copy_from_a.copy(c);
}

Yes, looks like it. We move the shared authority carrying state from
global scope to the copier static scope, and essentially all relevant
parts of the previous examples remain, we still have an example of ambient
authority.

More information about the cap-talk mailing list