[saga-rg] permissions...
Andre Merzky
andre at merzky.net
Fri Sep 2 11:15:04 CDT 2005
Hi all,
you see, its SAGA day in Amsterdam :-P
The permission issue has been discussed a number of times
during the phone calls and on the list, and it was a TODO
item for me to draft an interface.
Well, here is the first shot at it, without much details.
before I go much further, feedback would be, as usual,
welcome.
Note that this interface might be in fact too simple, as it
requires additional calls in the name space interface to
allow stuff like:
dir = directory (url);
dir.set_permissions (U_READ, "file.secret.txt");
Right now the interface would only allow:
dir d = directory (url);
file f = d.open ("file.secret.txt");
f.set_permissions (U_READ);
f.close ();
and it seems in fact awkward to open a file just to set/get
permissions.
So, the real question I guess is: should it be an interafce
at all, or shouldn't we just include it into the name space?
Are (unix file like) permission of use elsewhere?
Cheers, Andre.
--
+-----------------------------------------------------------------+
| Andre Merzky | phon: +31 - 20 - 598 - 7759 |
| Vrije Universiteit Amsterdam (VU) | fax : +31 - 20 - 598 - 7653 |
| Dept. of Computer Science | mail: merzky at cs.vu.nl |
| De Boelelaan 1083a | www: http://www.merzky.net |
| 1081 HV Amsterdam, Netherlands | |
+-----------------------------------------------------------------+
-------------- next part --------------
+-------------------------------------------------------------+
#####
# # ##### #### # # # ### ### # ### # # ###
# # # # # ## ## # # # # # # ## # #
##### #### # # # # # # ### ### # # # # # # ###
# # #### # # # # # # # # # # # #
# # # # # # # # # # # # # # # ## # #
# ##### # # # # # ### ### # ### # # ###
+-------------------------------------------------------------+
Summary:
========
The SAGA API needs some meen to handle permissions to users
and resources. There multiple ways to specify such, e.g.
as ACLs, as standard Unix permissions, or with a full blown
authorization scheme. As we are not aware of a appropriate
_and_ simple standard for ACLs and authorization (on API
level), unix permissions are adapted for simplicity, and
extended by authorization hooks where necessary (e.g.
streams). That permission scheme might be changed in the
future to adopt any emergin standard Grid permission API.
+-------------------------------------------------------------+
#ifndef SHORT
Use Cases:
==========
TODO.
+-------------------------------------------------------------+
#endif
Specification:
==============
package SAGA version 0.1 {
package Permissions {
enum permissionBits {
U_RWX 0x700 // user (file owner) has read, write and execute permission
U_READ 0x400 // user has read permission
U_WRITE 0x200 // user has write permission
U_EXECUTE 0x100 // user has execute permission
G_RWX 0x070 // group has read, write and execute permission
G_READ 0x040 // group has read permission
G_WRITE 0x020 // group has write permission
G_EXECUTE 0x010 // group has execute permission
O_RWX 0x007 // others have read, write and execute permission
O_READ 0x004 // others have read permission
O_WRITE 0x002 // others have write permisson
O_EXECUTE 0x001 // others have execute permission
};
enum permissionFlags {
Recursive = 1
};
interface Permissions {
void set (in int perms,
in int permissionFlags);
void get (out int perms);
}
}
}
+-------------------------------------------------------------+
#ifndef SHORT
Details:
========
+-------------------------------------------------------------+
Examples:
=========
TODO
+-------------------------------------------------------------+
Notes:
======
+-------------------------------------------------------------+
#endif // SHORT
More information about the saga-rg
mailing list