Hi,

Ian Boston wrote:
>
> On 23 Jun 2009, at 12:28, Bertrand Delacretaz wrote:
>>> Although Sling might choose to ignore this, I/we (sakai) are going
>>> to need to do something since all our users have write access to the
>>> repo, and at least 10% of them are Computer Science first year
>>> students just itching to prove their prowess by hacking/defacing an
>>> institutional system :)
>>
>> Brings back memories ;-)
>>
>> If we're using a distinct session for script resolution, we might want
>> to make its credentials configurable, and set up that user to see
>> scripts only under /libs and /apps. Would that suit your needs?
>
> yes,
> certainly would,
> We already have a "securityloader" along the same lines as the
> "contentloader" so configuration of that would be easy for us.

The first step will be to use an admin session to access the scripts. So
you may lock down read-access on these areas, where you deem read-access
is not suitable.

Of course, extending this to be able to provide configuration with
credentials of a user to use to access the scripts is simple.

Regards
Felix
