ASCII art in an HTML email client makes my head hurt...
I'm not sure what Jonathon was originally trying to get at with his ASCII
diagrams, but CAS is definitely the way it has to be done. We have to
maintain compatibility with .NET and Mono apps, which will expect to have
some runtime (and in their cases, aka OS support) for security.
As far as I understand it, impersonation is just 'su' on steroids, in OO
form. You can't impersonate anyone that you either don't have the
credentials for and aren't an administrator of.
And no, we can't do away with impersonation. Mono's runtime may not support
CAS, but .NET apps expect it. And if we are going to allow server
applications and services, we have to be able to dynamically redefine the
identity of who is executing the current code... (And it should be easy for
us, because we control all layers of what is going on.)
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
SharpOS-Developers mailing list
SharpOS-Developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sharpos-developers
