[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: generalized permission for controls
I would suggest this be left out of the specification
and instead addressed by generalizing permissions
to grant access based upon a categorization of the
type of the access (read,write,...) being made as
opposed to the operation/sub-operation used to access
the directory.
Kurt
At 01:08 PM 7/24/2001, Ellen Stokes wrote:
>Folks,
>
>Mark Davidson proposed a generalized permission for
>controls in his note dated July 6 on ACM permissions.
>------------------------------------------------------------------------------
>ACI = rights "#" target "#" generalSubject
>
>permission = "x" ; execute control
>; permission u can only be used on controls
>
>target = "[all]" / "[entry]" / (attribute *("," attribute)) /
>"[controls]" / (controlType *("," controlType))
>
>controlType is defined in RFC2251
>
>Control use - can use control where aci is active (this
>replaces the g permission in a more general way)
>-------------------------------------------------------------------------------
>
>The authors like this idea and are working on text to
>incorporated this into the draft and move the
>getEffectiveRights control (and permission) in line with
>this proposal.
>
>We'll be putting a synopsis of this out shortly to the list.
>
>In the interim, any comments?
>
>Ellen