Jeremy Fitzhardinge wrote: > On 03/12/2010 04:12 PM, Toby Murray wrote: > >> http://testgrid.allmydata.org:3567/uri/URI:DIR2:u64egztouchecgmlssxx3nk3o4:skv6utnyk4o5y3ea4qaznxflne6mvf4rrrmddjnbkcmdpvadqgya/ >> >> > > An aside, this URL represents a (presumed) error I've been desperately > afraid of making myself because it seems so easy to do. This is a > *writable* directory cap, so Toby has given away the farm on this > directory, and we have no idea whether the explorer.zip referred to is > the one he intended. > > Tahoe's WUI makes it really easy to make this mistake because the > writable cap is clearly the one that the file owner is going to be using > - but (special occasions excepted) you're always going to want to give > away the RO variant. > > I have no idea how to address this. The problem is fundamental to a > capability system, so the question is: how to mitigate it? >
UI problem. Needs a capability manager with a UI for storing and managing capabilities that looks like a bookmark manager, and somewhat like a file manager, but that knows what capabilities are. It never ordinarily shows you the globally unique identifier, and when you drag and drop, or cut and paste, a capability from the capability manager to the outside, defaults to the least capable capability - typically read only. _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
