W3C home > Mailing lists > Public > public-rww@w3.org > April 2014

Re: Access Control Charter

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Sun, 27 Apr 2014 18:24:50 +0200
Message-ID: <CAKaEYh+aWPn_N7igdkSErS-bmGgiet55XYL3-os=hj4y25Samw@mail.gmail.com>
To: cr <_@whats-your.name>
Cc: public-rww <public-rww@w3.org>
On 27 April 2014 17:50, cr <_@whats-your.name> wrote:

> some people like to write text on mailinglists, others code..
> https://github.com/linkeddata/ldphp/blob/master/www/inc/class/WAC.php
> am curious what constitutes the "essence" of WAC and what is
> implementation-specific.
> "going recursive" up parent paths.. we well know URIs in RDF are opaque
> yet URIs have a hierarchical-part and those might be mapped to POSIX paths
> - where ldphp may have exited on an explicit allow, POSIX might have denied
> a similar situation due to a mode 700 several parents up.
> there's the nod to "root" with the "domain owner"..
> LDP Containers and container-level permissions could be an optimization to
> avoid running 50*3 SPARQL queries, providing all 50 resources are within a
> container.. chances are any container-hierarchical-permission-inheritance
> stuff is defined in WAC at a LDP level and not POSIX dir level anyways..

Very good points ...

So according to timbl's webize note [1]

unix file system -> ACL'd r/w linked

With the typical user,group,owner actors having read,write,execute
permissions (tho we have the very useful append too)

Most people forget about the 4th dimension of POSIX which is the the
setuid, setgui, sticky bit permissions


I dont use these much but they I think are about executing "as" a user or
group.  So maybe this could be some kind of solution to delegated access /

Might be a good time to refresh where we are on this issue, and collect
implementations.  I'll be happy to update the wiki, if so ...

[1] http://www.w3.org/DesignIssues/Webize.html

> any other implementations to look at? Stample's Scala is going to take a
> bit for me to get me head around its wizard-levels of abstraction
Received on Sunday, 27 April 2014 16:25:18 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:10:45 UTC