[cap-talk] "ambient authority" on wiki.erights.org
David-Sarah Hopwood
david-sarah at jacaranda.org
Fri Jun 19 13:20:28 EDT 2009
Rob Meijer wrote:
> On Wed, June 17, 2009 19:34, Karp, Alan H wrote:
>> Rob Meijer wrote:
>>>> I have read and write permission to two files, A and B. Nobody else
>>>> has permission to read or write these files. When I say copy(A,B), I am
>>>> not designating which of my rights to use for each argument. The rights
>>>> are not shared, implicitly or otherwise, but they are ambient.
>>>
>>> If A and B are names, than your rights will need to shared implicitly
>>> between you and copy in order for copy to succeed, you use a name as
>>> only way to designate the objects to what you and copy share authority,
>>> that is therefore ambient.
>>>
>> Even if copy is a method running in the program that invoked it, the
>> authorities are ambient.
>
> Sure, granularity is irrelevant, the only facts that are relevant to it
> being ambient authority is that:
>
> a) authority is shared implicitly between the caller and the copy method.
Note that the caller doesn't actually need to have the authority.
The requirement here is just that some of the callee's authority
(that of copy in this case) is used.
> b) a name is used as designation for the objects involved.
Yes.
--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
More information about the cap-talk
mailing list