[OLPC Security] find_bundle, etc in util/bundle.py
Marcus Leech
mleech at nortel.com
Mon Nov 5 15:47:18 EST 2007
Ivan Krstić wrote:
>
> No, you understood correctly, though I misunderstood what was being
> asserted. My point was that rainbow should maintain security records
> in a separate database on which it should perform access checks,
> instead of having to read activity.info files each time.
No worries. I saw some seminal documents that suggested that perhaps
activity.info was where capabilities were going to be
stored, so I took that as my diving board...
>
> That said, I don't find sticking the permission declaration into
> activity.info to be a good idea; a separate file in the activity
> bundle called 'permissions.info' or similar, and in the format parsed
> by the git tree to which I linked, is how I'd like to approach the
> problem.
>
I'm generally in favor of syntax-sharing when it comes to config files
for single application/application-framework/etc. Quite apart
from the code-sharing aspects (I admit that your parser is quite tiny
in this regard), it follows more the principle of "least
astonishment".
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.laptop.org/pipermail/security/attachments/20071105/2fbcb2b1/attachment.pgp
More information about the Security
mailing list