Re: Access Control Charter from Timothy Holborn on 2014-04-27 (public-rww@w3.org from April 2014)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Mon, 28 Apr 2014 02:30:01 +1000
To: Melvin Carvalho <melvincarvalho@gmail.com>
Cc: cr <_@whats-your.name>, public-rww <public-rww@w3.org>, Tim Berners-Lee <timbl@w3.org>
Message-Id: <D65D5581-25E3-40E0-AE05-5FC863F1C736@gmail.com>

Typo on webize page/link..

See below 

Timh
Sent from my iPad

> On 28 Apr 2014, at 2:24 am, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
> 
> 
> 
> 
>> On 27 April 2014 17:50, cr <_@whats-your.name> wrote:
>> some people like to write text on mailinglists, others code..
>> 
>> https://github.com/linkeddata/ldphp/blob/master/www/inc/class/WAC.php
>> 
>> am curious what constitutes the "essence" of WAC and what is implementation-specific.
>> 
>> "going recursive" up parent paths.. we well know URIs in RDF are opaque yet URIs have a hierarchical-part and those might be mapped to POSIX paths - where ldphp may have exited on an explicit allow, POSIX might have denied a similar situation due to a mode 700 several parents up.
>> 
>> there's the nod to "root" with the "domain owner"..
>> 
>> LDP Containers and container-level permissions could be an optimization to avoid running 50*3 SPARQL queries, providing all 50 resources are within a container.. chances are any container-hierarchical-permission-inheritance stuff is defined in WAC at a LDP level and not POSIX dir level anyways..
> 
> Very good points ...
> 
> So according to timbl's webize note [1]
> 
> unix file system -> ACL'd r/w linked data. 

-->  http://www.w3.org/DesignIssues/CloiudStorage.html. Rather than http://www.w3.org/DesignIssues/CloudStorage.html

> With the typical user,group,owner actors having read,write,execute permissions (tho we have the very useful append too)
> 
> Most people forget about the 4th dimension of POSIX which is the the setuid, setgui, sticky bit permissions
> 
> http://en.wikipedia.org/wiki/Setuid
> 
> I dont use these much but they I think are about executing "as" a user or group.  So maybe this could be some kind of solution to delegated access / secretaries.  
> 
> Might be a good time to refresh where we are on this issue, and collect implementations.  I'll be happy to update the wiki, if so ...
> 
> [1] http://www.w3.org/DesignIssues/Webize.html
>  
>> 
>> any other implementations to look at? Stample's Scala is going to take a bit for me to get me head around its wizard-levels of abstraction
>

Received on Sunday, 27 April 2014 16:30:35 UTC