Ted Leung wrote:
> On Mar 15, 2007, at 4:06 PM, Mimi Yin wrote:
>> Morgen, I think that's the desired behavior? If you have 1 item in 2
>> collections with conflicting privileges, we want the more liberal
>> privilege to win on that item, namely read-write.
>
> I just re-read this. If that's the desired behavior, then that's what
> we have now. The only problem is that a bunch of people consider this
> to be a security problem.

If I understand correctly, this scenario is not the security hole.
The security hole is when:

Katie publishes a read-only calendar (Katie-work).
Mimi adds "staff-meeting" (found in Katie-work) to "Mimi-work".
Mimi publishes "Mimi-work" as read-write.

"staff-meeting" now has read-write permissions, allowing Mimi to edit
"staff-meeting" and have the changes percolate back to "Katie-work",
which was shared read-only.

If Katie had published both Mimi-work (read-write) and Katie-work
(read-only), then presumably she'd be comfortable with "staff meeting"
being read-write. (The scenario that Morgen mentions, and which Mimi
says is desirable behavior).

The problem arises when Mimi's action causes Katie's read-only event to
surprisingly become read-write.

Cheers,
Katie
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Open Source Applications Foundation "Design" mailing list
http://lists.osafoundation.org/mailman/listinfo/design
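
The two scenarios from the thread, modelled as an added example that is not part of the original messages and is not the project's code: `effective_mode` applies the "most liberal privilege wins" rule, and `surprising_escalations` flags items shared read-only by one user that become read-write through a different user's share. The `Share` type, both function names and the sample data are hypothetical.

```python
from dataclasses import dataclass

RANK = {"read-only": 0, "read-write": 1}


@dataclass(frozen=True)
class Share:
    name: str
    publisher: str
    mode: str            # "read-only" or "read-write"
    items: frozenset


def effective_mode(item, shares):
    """Rule described in the thread: the most liberal privilege wins."""
    modes = [s.mode for s in shares if item in s.items]
    return max(modes, key=RANK.__getitem__) if modes else None


def surprising_escalations(shares):
    """Items one user shared read-only that become read-write
    through a share published by a different user."""
    findings = []
    for ro in shares:
        if ro.mode != "read-only":
            continue
        for rw in shares:
            if rw.mode != "read-write" or rw.publisher == ro.publisher:
                continue
            for item in sorted(ro.items & rw.items):
                findings.append((item, ro.name, ro.publisher, rw.name, rw.publisher))
    return findings


# Constructed sample data mirroring the two scenarios in the thread.
CROSS_USER = [
    Share("Katie-work", "Katie", "read-only", frozenset({"staff-meeting"})),
    Share("Mimi-work", "Mimi", "read-write", frozenset({"staff-meeting", "design-review"})),
]
SAME_USER = [  # Katie publishes both shares herself
    Share("Katie-work", "Katie", "read-only", frozenset({"staff-meeting"})),
    Share("Mimi-work", "Katie", "read-write", frozenset({"staff-meeting"})),
]

if __name__ == "__main__":
    for label, shares in (("cross-user", CROSS_USER), ("same-user", SAME_USER)):
        print(label, effective_mode("staff-meeting", shares), surprising_escalations(shares))
```

Both data sets resolve "staff-meeting" to read-write, but only the cross-user set is flagged, which is the distinction the message draws.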