
Re: Ideas from the I&A Forum (DCE file permissions)



>>The "T (test)" permission is useful when --
>>    -	You only want to grant someone "read ACL" rights, and not "read object"
>>	rights.  As in "ls -l" vs. "cat"
>
>Is this different from giving read permission on the directory file but not
>on the files in that directory?
>
>>    -	You want to allow a comparison without disclosing the full state,
>>	such as "Can Rich read this file" or "Is Rich in the 'foo' group?"
>>	As in "grep ... >/dev/null ; echo $status" vs. "cat"
>
>In the hypothetical file system protected by SPKI certs, I believe this
>concern translates to the ability to read certs themselves.  Am I
>understanding you?

I think my attempt to draw parallels might have been confusing.

The full semantics of the "T (Test)" bit are defined by the server.
It is intended to be useful when you wish to distinguish between
"can query/read object metadata" as opposed to the "object state."
So if I have something like
	user:rsalz:rt
	user:carl:t
on some object, then presumably I can do a "read" operation, or any other
operation that requires the ability to "read" the object.  For example,
in a filesystem "grep" would require the ability to read the file.  You,
however, cannot read the object.  But the server would let you do things
like "ReadACL" on the object, or a "Stat" [in the stat(2) sense] on the
object.

Hope this makes more sense.
	/r$
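
The split described in the message above, as an added example that is not part of the original post or of DCE: a toy server that checks `user:<name>:<bits>` entries before each operation. The operation names and the bit each one requires are assumptions, since the message says the server defines what "t" means.

```python
# Added illustration. Hypothetical server policy: each operation maps to the
# permission bit it requires and a handler producing its result.
OPERATIONS = {
    "read":     ("r", lambda obj, arg: obj.state),             # object state
    "grep":     ("r", lambda obj, arg: arg in obj.state),      # needs state too
    "read_acl": ("t", lambda obj, arg: sorted(obj.acl_lines)), # metadata only
    "stat":     ("t", lambda obj, arg: {"size": len(obj.state)}),
}


def parse_acl(lines):
    """Parse 'user:<name>:<bits>' entries into {name: set_of_bits}."""
    acl = {}
    for line in lines:
        kind, name, bits = line.strip().split(":")
        if kind != "user":
            raise ValueError(f"unsupported entry type: {kind!r}")
        acl[name] = set(bits)
    return acl


class ProtectedObject:
    def __init__(self, state, acl_lines):
        self.state = state
        self.acl_lines = list(acl_lines)
        self.acl = parse_acl(self.acl_lines)

    def perform(self, user, op, arg=None):
        if op not in OPERATIONS:
            raise ValueError(f"unknown operation: {op!r}")
        bit, handler = OPERATIONS[op]
        # Users with no ACL entry hold no bits and are denied everything.
        if bit not in self.acl.get(user, set()):
            raise PermissionError(f"{user} lacks '{bit}' for {op}")
        return handler(self, arg)


if __name__ == "__main__":
    # Constructed sample object carrying the two entries from the message.
    obj = ProtectedObject(b"secret contents\n", ["user:rsalz:rt", "user:carl:t"])
    for user in ("rsalz", "carl"):
        for op in OPERATIONS:
            try:
                print(user, op, "->", obj.perform(user, op, b"secret"))
            except PermissionError as exc:
                print(user, op, "-> denied:", exc)
```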