[Zope3-dev] Re: RFC: Unification of requests and security contexts
through Use
Steve Alexander
steve at z3u.com
Tue Jan 27 06:47:15 EST 2004
Phillip J. Eby wrote:
> At 04:29 PM 1/21/04 +0200, Steve Alexander wrote:
>
>> I just talked with Jim about this, and about a puppet metaphor. We
>> discussed that if we follow this metaphor, we can change the diagram
>> in the proposal to dispense with "Actor", and just have a Use know
>> about Participations, each Participation having Principals. This is
>> pretty close to Phillip's revised diagram.
>
> Does the Use have typed relationships (e.g. runner-of-executable,
> author-of-executable) to the participations, or is it just an untyped
> bag? Or are the typed relationships at the participation level? Or...?
In a different message, I suggested that the Use be packaged with the
security policy. Code that wants to interact with the Use can adapt it
to something appropriate. In this case, whether the Use has typed
relationships or is an untyped bag depends on what security policy + Use
you choose.
If you are writing an application that would benefit greatly from having
typed relationships, then you'd be able to do that. I think an untyped
bag is sufficient for many applications.
The code that implements untrusted executables can adapt the Use to an
interface specifially for telling the Use about principals who wrote a
piece of untrusted code.
--
Steve Alexander
More information about the Zope3-dev
mailing list