(2010/01/07 17:50), dormando wrote: >> Are you suggesting that applications has to handle the scramble buffer >> correctly for each accesses? It seems to me we can obtain credential of >> the client using SASL authentication, without any additional hints. >> >> If the security map means something like access control list, what we >> are talking about is not fundamentally different. >> The issue is the way to store the properties within the item. >> >> BTW, Is the storage engine stackable? If not so, it seems to me we will >> face a tradeoff between persistent storage and access controls. >> >> Am I missing something? > > I think you should just grab the latest engine branch and go for it. It's > tracked under trondn's github.com account. Hit up the list for > feedback/etc, but just be forewarned that very little will go into the > core to slow down or increase memory requirements.
http://github.com/memcached/memcached/tree/engine-pu Is it correct branch for the discussion base? > However the engine API can be adjusted to better allow the tradeoffs if > necessary. If you really want to blow tons of CPU/RAM on having granular > access controls, you should be able to do it without having to patch > memcached... Unless you need to make significant changes to the protocol, > which again will be very hard since that absolutely has to stay simple. If the engine approach is right, I can implement my access control module for proof of the concept. Anyway, I'll try to check the engine branch. > So yeah. Most of the core devs are speed freaks, and the intent of > memcached is to supply minimal, if any, access control (or authentication) > for speed. That shouldn't stop you from using it as a proper framework if > you absolutely must. It's become enough of a standard that we can accept > this. > > -Dormando > -- OSS Platform Development Division, NEC KaiGai Kohei <[email protected]>
