[tahoe-dev] Tahoe-LAFS is widely misunderstood

Jody Harris jharris at harrisdev.com
Thu Feb 3 01:18:58 PST 2011


I think that FUSE would not be used for sharing capabilities, so I don't see
it as a problem.
----
- Think carefully.


On Wed, Feb 2, 2011 at 5:41 PM, Chris Palmer <chris at noncombatant.org> wrote:

> Brian Warner writes:
>
> > My problem with FUSE as the primary entry point is that it loses the
> whole
> > least-authority model. The POSIX filesystem APIs don't expose things like
> > retrieving a dircap for the subdirectory that you want to share with a
> > friend, so the easiest thing to do is to share your whole rootcap with
> > somebody, the equivalent of sharing passwords from the bad-old-days. It
> > also doesn't let you write programs that are restricted to interacting
> > with just a subset of your filesystem, so all the usual Confused Deputy
> > vulnerabilities are still around.
>
> Well, a WUI is no way to solve the confused deputy problem. :)
>
>
> --
> http://noncombatant.org/
>
> _______________________________________________
> tahoe-dev mailing list
> tahoe-dev at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110202/d1c01524/attachment.html>


More information about the tahoe-dev mailing list