Hi, Yet pronoun to dereference ;)
By "we" I wanted to refer to the Stanbol community. It was an attempt of a reduction ad absurdum - but of course we theoretically could vote on dropping the reusability goal for the components we build. Cheers, Reto On Mon, Apr 8, 2013 at 4:01 PM, Fabian Christ <[email protected]>wrote: > Hi, > > perhaps it is really just security. Some people have the use case that > they do want support for that others do not care. That's the pattern > even if I do not understand who Reto refers to as "we" in his mail. As > a community we should ensure that all can work on the things they want > to. > > In any case, we have the process of opening issues if something is not > working as expected for others. That's something concrete. If issues > remain open for too long, we should take action. I think the community > can expect the security guys to do their best to fix things as soon as > they popup. > > 2013/4/8 Reto Bachmann-Gmür <[email protected]>: > > Hi Bertrand > > > > It's not just about about multi-user. Even we would say that we want > > Stanbol only to be a stateless single-user engine we might still care > about > > handling java security correctly in case we want to support our modules > > being integrated in other applications. So the issue would not just about > > doping authentication but also to significantly reduce reusability of the > > Stanbol components. > > > > Take for example a logging system. Typically a library that provides no > > support for multiple-user. Yet such a library has to care about not > > requiring any unexpected permission on logging. > > > > Cheers, > > Reto > > > > On Mon, Apr 8, 2013 at 12:11 PM, Bertrand Delacretaz < > [email protected] > >> wrote: > > > >> Hi, > >> > >> I'm trying to understand the disconnect that we're seeing in the > >> security discussions...isn't that more about the following two modes > >> of using Stanbol? > >> > >> Single user Stanbol: > >> A stateless engine that's accessed by trusted systems, which are > >> supposed to handle security and access control by themselves > >> > >> Multi-user Stanbol: > >> An engine that's accessed by non-trusted users and might store their > >> data, so needs security features, user management, etc. > >> > >> Agreeing on these two usage modes might help us have more constructive > >> discussions, IMO, about features that multi-user requires but > >> single-user doesn't even want to see. > >> > >> -Bertrand > >> > > > > -- > Fabian > http://twitter.com/fctwitt >
