Hi Carsten, On Wed, Jan 6, 2016 at 9:56 AM, Carsten Ziegeler <[email protected]> wrote: > ....we should keep constraints and conclusions separate!...
So let's try to focus on the high-level requirements, I see this: 1) Create service users and set their ACLs as defined in the Sling instance's provisioning model. 2) Create initial paths like /var/discovery, so that ACLs can be set on them. 3) Make the full text of the ACL definitions available at runtime for auditing purposes (see Michael Marth's Dec.17 comment in SLING-5355). Also useful for upgrades where merging with conflict detection is needed. Do we agree on this? -Bertrand
