-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 17/01/2004, at 10:34 AM, Jim Fulton wrote:
I I'm pretty sure that I can redo the way we protect dictionaries and
lists so that we can provide backward compatability. If I can do
this,
I will, because backward compatability *is* important,
Jim Fulton wrote at 2004-1-16 18:54 -0500:
...
For security checks, the accessed object should be the driving factor
and not the particular way the access is made.
Well, sorry, that's not what this is about. We are talking about what
to do when accessing objects without roles. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 16/01/2004, at 9:23 AM, Jim Fulton wrote:
Dieter Maurer wrote:
Jim Fulton wrote at 2004-1-15 10:03 -0500:
...
Right. The name attribute was intended for attribute-based access.
IMO, it makes no sense to consider key values when doing security
Dieter Maurer wrote:
Jim Fulton wrote at 2004-1-15 17:23 -0500:
...
None should never be passed for attribute accesses. If it is,
then there is a bug. The case of dictionary mapping names to
whatever is for attribute access. We are talking about item/key
access. I haven't seen a use case for
Jim Fulton wrote:
Stuart Bishop wrote:
...
It was never intended that the ability to control unprotected sub-objects
by name would apply to items. It was sloppy coding on my part that item
indexes
(yes, indexes, like, say, 1) and keys were passed as names. I can
certainly
understand why
Dieter Maurer wrote:
Jim Fulton wrote at 2004-1-15 17:23 -0500:
BTW, telling me that an algorithm has changed doesn't constitute
a use case. :) I know that algorithm has changed. I assert that
we don't need the feature that the change broke. I am open
to evidence to the contrary.
Do you have
Jim Fulton wrote at 2004-1-15 10:03 -0500:
...
Right. The name attribute was intended for attribute-based access.
IMO, it makes no sense to consider key values when doing security
checks.
I will let Jim comment on your use case.
What use case? I missed it. Where is it?
Dieter Maurer wrote:
Jim Fulton wrote at 2004-1-15 10:03 -0500:
...
Right. The name attribute was intended for attribute-based access.
IMO, it makes no sense to consider key values when doing security
checks.
I will let Jim comment on your use case.
What use case? I missed it. Where is it?
Jim Fulton wrote at 2004-1-15 17:23 -0500:
BTW, telling me that an algorithm has changed doesn't constitute
a use case. :) I know that algorithm has changed. I assert that
we don't need the feature that the change broke. I am open
to evidence to the contrary.
Do you have a convincing reason to
Jim Fulton wrote at 2004-1-15 17:23 -0500:
...
None should never be passed for attribute accesses. If it is,
then there is a bug. The case of dictionary mapping names to
whatever is for attribute access. We are talking about item/key
access. I haven't seen a use case for needing to specify
10 matches
Mail list logo