readers.conf proposal: (was Re: incoming.conf length limits)
Todd Olson
tco2 at cornell.edu
Fri Jan 31 14:44:07 UTC 2003
At 18:43 -0500 2003/01/30, Jeffrey M. Vinocur wrote:
>On Thu, 30 Jan 2003, Russ Allbery wrote:
>
>> Part of me is inclined to argue that anyone doing the sort of access
>> control that really needs this level of detail ideally wants to just
>> construct a custom group pattern for each user entirely inside their
>> custom-written authentication hook, and if we add that to the external
>> auth protocol like it already is in the Perl and Python hooks, that will
>> address the problem. But that's something of a cop-out, since I can
>> easily construct artificial examples where that would require writing a
> > custom authenticator where one isn't necessary now.
Hum ... just a nit about wording ... perhaps you meant to write
>Ah, but this is fundamentally access control, and not authorization. I
^^^^^^^^^^^^^
authentication
???
I though that 'access control' was 'authorization' ... ???
>
>definitely don't want to duplicate my (hypothetical) "take the union of
>all these access lists" code into every authenticator and resolver I use!
I agree. I shudder at the idea of having to wire up autheticators
with authorization code. They should be separate.
Regards,
Todd Olson
Cornell University
More information about the inn-workers
mailing list