Ambient authority

From Erights

Revision as of 07:09, 19 June 2009 (view source) Kosik (Talk) (Section "Notes concerning the definition" was simplified (shortened). Explanation of related notions can be linked from a new "See also" section.) ← Previous diff		Revision as of 10:40, 19 June 2009 (view source) Kosik (Talk) Next diff →
Line 14:		Line 14:
	* [[Excess authority]]		* [[Excess authority]]
		+	* [[Ambient authority system]]
	== Examples of ambient authority ==		== Examples of ambient authority ==

---

Revision as of 10:40, 19 June 2009

The correct interpretation of this page relies on proper interpretation of words: subject, object, operation and permission.

Contents 1 Definition 2 Notes concerning the definition 3 See also 4 Examples of ambient authority 5 Acknowledgement

Definition

IF a subject requests an action, typically by naming an object and an operation on that object, and the action is allowed because the subject has a permission that would allow the action, THEN we say that the subject has ambient authority.

Notes concerning the definition

Instead of "naming" an object, capability community often uses the term "designation" of an object.

Whether we can say that some chosen subject has ambient authority or not is solely determined by the fact HOW are operations allowed or denied. It is independent from the fact WHAT PERMISSIONS a given subject actually has. This matters in case of a term excess authority.

See also

• Excess authority
• Ambient authority system

Examples of ambient authority

All UNIX processes run by some user have ambient authority to manipulate all files owned by that user.

All UNIX processes have ambient authority to listen to TCP or UDP ports 1024--65535.

All UNIX processes have ambient authority to send any signal to any other UNIX process.

Acknowledgement

The term ambient authority was coined by Dean Tribble and Mark S. Miller.