On Wed, Jan 7, 2009 at 9:25 AM, Benjamin Reed <br...@yahoo-inc.com> wrote:

> This is the behavior we had when we first implemented the API, and in every
> case where people used the information there was a bug. it is virtually
> impossible to use correctly. In general I'm all for giving people rope, but
> if it always results in death, you should stop handing it out.

I think this is excessive rope...

Most people want to read the data and having a race here is just asking for

I'm not sure it is as much about excessive rope is it is about making it
easy for users to stumble on the correct use case and reduce bugs.

Ignorance is a wonderful gift you can give to your users :)

> In your example, if the ACL changed and then the data changed, we would
> have a security hole if we sent the data with the watch.

I thought you might mention that. :) Technically there wouldn't be a
security hole if the operation was this:
- set foo to 'asdf'
- set ACL to foo blocking everyone reading it...

If you needed to prevent a read of 'asdf' you need to do this:

- set ACL to foo blocking everyone reading it...
- set foo to 'asdf'

When they are 1ms apart it's hard to understand but imagine if they were 10
hours apart.

Technically, there would be a 1ms window where clients could do a getData()
on the file and read the value.


Founder/CEO Spinn3r.com
Location: San Francisco, CA
AIM/YIM: sfburtonator
Skype: burtonator
Work: http://spinn3r.com

Reply via email to