- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Fri, 30 Jan 2015 12:32:22 +0100
- To: public-ldp@w3.org
Received on Friday, 30 January 2015 11:32:49 UTC
I'm using an LDPC as a webized version of a UNIX file system What I do is POST to an LDPC and look for the location field after creating a resource Then I add an ACL file to control access However I realized there is a short window where the file might not have the access control I want. An attacker could subscribe to the container for notifications then intercept the message creating a race condition In the UNIX world inodes and files are closely coupled so the operation is atomic, this is not true in HTTP Maybe a better idea would be to use the UNIX equivalent of a umask to set default permissions Any thoughts on this?
Received on Friday, 30 January 2015 11:32:49 UTC