[Question][Hw4] Can capability be passed over more than once?

[s20200366]

Name: Jaewoo Ahn

In a case like

enum access_control_t { Acl, Capability };
enum permission_t { Own, Read, Execute };

const enum access_control_t access_control = Capability;

void init() {
  create_subject("attacker");
  create_subject("deputy");
  create_subject("wizard");
  create_object("secret_file");
  create_object("deputy");
  create_object("wizard");
  enter(Read, "attacker", "secret_file");
  enter(Execute, "attacker", "deputy");
  enter(Execute, "deputy", "wizard");
}

void attacker() {
  int fd = open("secret_file", Read);
  execute_with_capability(fd, "deputy");
}

void deputy(int proc) {
  execute_with_capability(proc, "wizard");
}

void wizard(int fd) {
  read_with_capability(fd, "secret_file");
}

Will the result be "Compromised" since wizard can consult the fd to read the secret file? Or does only the capability of the last executer(in this case, deputy) matter? Thank you.

[github-actions[bot]]

Possible duplication detected. Refer to #297

[s20200366]

The question above linked by github bot gives "deputy" the authorization to "read" the "secret_file" by conferer in the middle. I think my question is about what happens without anymore confering

[sujin0529]

Refer to the issue.

Thanks.