[tahoe-dev] Tahoe Access Control
Zooko O'Whielacronx
zooko at zooko.com
Thu Jun 2 22:14:11 PDT 2011
Dear Brandon:
> Thank you for all the feedback. Is it possible to have multiple options like
> update, read, or delete as well?
There are two types of objects: files and directories.
A file or a directory can be either immutable or mutable.
There are three types of caps: read-caps to immutable objects,
read-caps to mutable objects, and write-caps to mutable objects.
(There are also verify-caps which give you access to the ciphertext
and enough metadata to verify the cryptographic correctness of the
ciphertext. This is cool because you can give a verify cap to someone
and ask them to check that the file is undamaged without giving them
the ability to read the file.)
There is not currently a distinction between the ability to write a
complete new version of a mutable object versus the ability to append
onto an object without being able to overwrite its existing data. To
invent such a thing is the goal of ticket #795.
There is not currently a way to give someone write access to an object
without also giving them read access to it. To invent such a thing is
the goal of ticket #796.
"Delete" is better termed "unlink". If you have write access to a
directory, then you can write out a new version of that directory
which is just like the old version except omitting one of its
children. This unlinks that child from that directory. It doesn't
delete the unlinked object! There might still be another directory
that has a link to that object, or a user might have a capability that
gives them direct access to that object. Actual deletion of the object
from the storage servers happens only upon garbage collection. So
currently the ability to unlink a child from a directory is the same
as the ability to write to the directory.
Please see:
http://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst#access-control
and
http://tahoe-lafs.org/trac/tahoe-lafs/wiki/Capabilities
and let us know if it doesn't answer all your questions.
Regards,
Zooko
http://tahoe-lafs.org/trac/tahoe-lafs/ticket/795# append-only files
http://tahoe-lafs.org/trac/tahoe-lafs/ticket/796# write-only backup caps
More information about the tahoe-dev
mailing list