> i use gmail / browser and it does not support monospace fonts.... [Jonathan Dickinson] Cool. Sorry man, I will try to come up with something :). Should maybe fire up Visio :). > > It might be a good idea to seperate application and user rights though, > and really thinking about minimizing or even completely eliminating > impersonation > (if we can) because it's an often abused 'feature' by hackers and > virii.. [Jonathan Dickinson] Indeed it is. But think of the most basic server: FTP, you simply can't do it without impersonation. I think another way around it is as follows:
FTP > Creates (FSProc) with user supplied credentials (a process cannot change its own user context) > Denies All (Explicit declination, that right cannot be granted unless by the FTP Proc) > Allows FS Access (Explicit approval, because we are the FTP Proc) > Initializes FSProc FSProc > Go and does stuff on the FS. > > And like i mentioned, personally i'd like to keep everything as > transparent as possible, it keeps you in control, and impersonation > makes everything completely un-transparent.. because the application > that impersonates you might do things in your name that you can't see > and control.. > > Any ideas about this? [Jonathan Dickinson] My previous post was pretty transparent, I think. But I have my perspective on it and I might be barking up a rather insane tree. It also keeps us safe with this. But we need to be able to apply the rights from a specific user. Servers just can't be done without it. Jonathan Dickinson ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ SharpOS-Developers mailing list SharpOS-Developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/sharpos-developers