I think that BINDing's across security domains will in practice only occur across multiple instances of a product from a single vendor. In those cases, I don't see why a BINDing across across security domain will necessarily behave any differently. --Eric Elias Sinderson wrote: > > Julian Reschke wrote: > >> [...] most of the open Bugzilla issues should have been closed [...] > > > 71, Clarify what servers may and may not do with privileges when BIND > is used > As ACLs are defined on resources, not bindings, I don't see how the > spec can say much that hasn't already been said. There are, however, > potential issues with bindings across different security domains. If > anything, I would advocate a restrictive approach to permissions. That > is, permissions on bindings SHOULD default to those of the resource > where possible, but MAY be restricted when bindings are made across > namespaces with different permissions. Permissions MUST NOT be granted > or extended in the above scenario. As I see it, this is the prudent > thing to do in this situation. The only other option would be to > forbid bindings across security domains that cannot maintain the > existing permissions exactly as they are on the resource (if, for > example, a given principledid not exist and could not be created). > > Comments? > > > Best, > Elias >Received on Tuesday, 26 April 2005 22:02:19 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 12 October 2007 17:53:23 GMT