Niclas, > -----Original Message----- > From: Niclas Hedhman [mailto:[EMAIL PROTECTED] > Sent: Sunday, January 04, 2004 12:06 PM > To: Avalon Developers List > Subject: Re: Codebase level security > > On Sunday 04 January 2004 23:59, Alex Karasulu wrote: > > Take a look at how the XACML folks are trying to represent > > access controls. It might be worth basing the XML on XACML > > or a subset of it. > > AFAICT from the "Introduction to XACML" it is Subject Level security. (see > my > NOTE).
Yes yes your right my fault. > > What I am "on about" right now is basically the - > Djava.security.policy=file, > that almost always is set to AllPermissions, since people are too ignorant > of > what is actually required for an application. > > Once this is sorted out, I will continue with the Subject Level. Great I would like to get involved with this as well we need it for Eve over on the directory side as well as the code level security since Eve will execute user code via triggers and stored procedures. I wish there was a similar standard around expressing code level permission in XML but then again this is very language specific stuff so it probably does not exist. Alex --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
