[whatwg] Persistent storage is critically flawed.

On Sun, 27 Aug 2006 19:11:17 +0700, Shannon Baker <shannon at arc.net.au> wrote:

> But why bother? This whole problem is easily solved by allowing data to
> be stored with an access control list (ACL). For example the site
> developer should be able to specify that a data object be available to
> '*.example.com' and 'fred.geocities.com' only. How this is done (as a
> string or array) is irrelevant to this post but it must be done rather
> than relying on implicit trust where none exists.

While there are serious risks associated with global storage, I don't see how replacing the global storage with arbitrary ACLs on data items will help reduce them. All those advertisers etc can store a data item accessible to "*", can't they?


-- 
Alexey Feldgendler <alexey at feldgendler.ru>
[ICQ: 115226275] http://feldgendler.livejournal.com

Received on Sunday, 27 August 2006 20:19:59 UTC