[Cosmo-dev] Re: securing access to items in multiple collections
Randy Letness
randy at osafoundation.org
Mon Oct 1 09:25:42 PDT 2007
Brian Moseley wrote:
> i've noticed a tendency to suggest things that abuse tickets simply
> because the correct alternative (creating a real access control model
> in the server) seems too scary. we need to stop this and get real
> about securing our data. until we do that, while the server may be
> interesting for some small number of people who are happy with our
> current informality, it will only be a toy for a much broader group of
> potential users.
>
We have the ticket model today because it's easy to grant access to users
without having to specify everyone in an ACL. Also, everyone may not
have a hub account, so the anonymous ticket-based access is necessary. I
think the server should support both, that is, the ability to grant
access to items/collections to users/groups and the ability to grant
access to items/collections using tickets. Maybe a ticket should just
be a way to either update the item on the server anonymously, or a way
for an account to be added to the ACL of the item.
-Randy