- From: Alexey Feldgendler <alexey@feldgendler.ru>
- Date: Mon, 28 Aug 2006 10:19:59 +0700
On Sun, 27 Aug 2006 19:11:17 +0700, Shannon Baker <shannon at arc.net.au> wrote: > But why bother? This whole problem is easily solved by allowing data to > be stored with an access control list (ACL). For example the site > developer should be able to specify that a data object be available to > '*.example.com' and 'fred.geocities.com' only. How this is done (as a > string or array) is irrelevant to this post but it must be done rather > than relying on implicit trust where none exists. While there are serious risks associated with global storage, I don't see how replacing the global storage with arbitrary ACLs on data items will help reduce them. All those advertisers etc can store a data item accessible to "*", can't they? -- Alexey Feldgendler <alexey at feldgendler.ru> [ICQ: 115226275] http://feldgendler.livejournal.com
Received on Sunday, 27 August 2006 20:19:59 UTC