On 03/12/2010 04:12 PM, Toby Murray wrote:
> http://testgrid.allmydata.org:3567/uri/URI:DIR2:u64egztouchecgmlssxx3nk3o4:skv6utnyk4o5y3ea4qaznxflne6mvf4rrrmddjnbkcmdpvadqgya/
>

An aside, this URL represents a (presumed) error I've been desperately 
afraid of making myself because it seems so easy to do.  This is a 
*writable* directory cap, so Toby has given away the farm on this 
directory, and we have no idea whether the explorer.zip referred to is 
the one he intended.

Tahoe's WUI makes it really easy to make this mistake because the 
writable cap is clearly the one that the file owner is going to be using 
- but (special occasions excepted) you're always going to want to give 
away the RO variant.

I have no idea how to address this.  The problem is fundamental to a 
capability system, so the question is: how to mitigate it?

(I also love that this cap has "touch[é]" in it.)

     J
_______________________________________________
tahoe-dev mailing list
[email protected]
http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
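
One way to mitigate the mistake described in the message above is a pre-share check that classifies every cap in a piece of outgoing text by its type prefix. This is an added example, not part of the original message or of Tahoe-LAFS itself; the function names are hypothetical, the sample caps are constructed, and the prefix sets assume the standard Tahoe-LAFS cap string types.

```python
import re
from urllib.parse import unquote

# Cap type prefixes that confer write authority (mutable files and directories).
WRITE_PREFIXES = {"URI:DIR2", "URI:SSK", "URI:MDMF", "URI:DIR2-MDMF"}

# Cap type prefixes that confer read-only or verify-only authority.
READONLY_PREFIXES = {
    "URI:DIR2-RO", "URI:SSK-RO", "URI:MDMF-RO", "URI:DIR2-MDMF-RO",
    "URI:CHK", "URI:LIT", "URI:DIR2-CHK", "URI:DIR2-LIT",
    "URI:CHK-Verifier", "URI:SSK-Verifier", "URI:MDMF-Verifier",
    "URI:DIR2-Verifier", "URI:DIR2-CHK-Verifier", "URI:DIR2-MDMF-Verifier",
}

# "URI:" plus a type token, which must itself be followed by ":" and the key material.
CAP_RE = re.compile(r"URI:[A-Za-z0-9-]+(?=:)")


def find_caps(text):
    """Return (prefix, kind) per cap found; kind is 'write', 'read-only' or 'unknown'.

    Only the type prefix is returned, so the report never echoes the secret part.
    """
    results = []
    # WUI links are often percent-encoded (URI%3ADIR2%3A...), so decode first.
    for match in CAP_RE.finditer(unquote(text)):
        prefix = match.group(0)
        if prefix in WRITE_PREFIXES:
            kind = "write"
        elif prefix in READONLY_PREFIXES:
            kind = "read-only"
        else:
            kind = "unknown"
        results.append((prefix, kind))
    return results


def safe_to_share(text):
    """True only if every cap in text is known read-only (unknown types fail closed)."""
    return all(kind == "read-only" for _, kind in find_caps(text))


# Constructed sample links; the key material is a placeholder, not a real cap.
WRITABLE_LINK = "http://127.0.0.1:3456/uri/URI:DIR2:" + "a" * 26 + ":" + "b" * 52 + "/"
READONLY_LINK = "http://127.0.0.1:3456/uri/URI%3ADIR2-RO%3A" + "a" * 26 + "%3A" + "b" * 52 + "/"

if __name__ == "__main__":
    for link in (WRITABLE_LINK, READONLY_LINK):
        print(find_caps(link), "share" if safe_to_share(link) else "DO NOT SHARE")
```

Run over a draft message or clipboard contents before posting, this flags a link like the one quoted at the top of this message as carrying a write cap.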