dynamic python access control and readers.conf

Erik Klavon erik at eriq.org
Sun Jan 12 19:01:25 UTC 2003


Greetings

Now that I've hacked things so that the python hooks and readers.conf
can coexist, a question of precedence comes up. Should the access
group which matches a client have the final say in what groups that
client can read and post to, or should the dynamic access control 
python hook (authorize in the existing implementation) override
what readers.conf (or a dynamically generated access group) specifies?
I think the latter is the correct behavior, though I am at a loss for
a really good example that doesn't feel contrived. The intent of the hook
according to the documentation is to allow for more immediate changes
in access control rules (e.g. during a single session) without
restarting all nnrpd processes.

Erik

-- 
erik         | "It is idle to think that, by means of words, | Maurice
  kl at von     | any real communication can ever pass | Maeterlinck
    eriq.org | from one [human] to another." | Silence


More information about the inn-workers mailing list