[tahoe-lafs-trac-stream] [tahoe-lafs] #1356: SFTP and FTP: allow logging in with an arbitrary cap URI as root directory

tahoe-lafs trac at tahoe-lafs.org
Tue Aug 13 23:04:31 UTC 2013 

#1356: SFTP and FTP: allow logging in with an arbitrary cap URI as root directory
-------------------------------+----------------------------------------
     Reporter:  davidsarah     |      Owner:  davidsarah
         Type:  enhancement    |     Status:  assigned
     Priority:  major          |  Milestone:  1.12.0
    Component:  code-frontend  |    Version:  1.8.2
   Resolution:                 |   Keywords:  sftp usability test-needed
Launchpad Bug:                 |
-------------------------------+----------------------------------------
Changes (by daira):

 * milestone:  soon => 1.12.0


Old description:

> The SFTP and FTP frontends should allow logging in with username
> {{{uri}}}, and password an arbitrary cap URI.
>
> Implementing this for SFTP can then be used to support a {{{tahoe
> mount}}} command (#1357), as suggested in ticket:1353#comment:3. For both
> SFTP and FTP, it is potentially useful to be able to log in with a root
> URI without having set up an account for it in the {{{ftp.accounts}}}
> file. (SFTP and FTP use the same code in
> [source:src/allmydata/frontends/auth.py] to handle logins, so it is
> simpler for them to behave the same.)
>
> Note that you can already access an arbitrary cap URI via the {{{/uri/}}}
> directory, but that does not have nearly as nice usability properties,
> because you can't access aliases that way. (Allowing access to aliases
> would provide ambient authority and so is not capability-secure.)

New description:

 The SFTP and FTP frontends should allow logging in with username
 {{{uri}}}, and password an arbitrary cap URI.

 Implementing this for SFTP can then be used to support a {{{tahoe mount}}}
 command (#1357), as suggested in ticket:1353#comment:3. For both SFTP and
 FTP, it is potentially useful to be able to log in with a root URI without
 having set up an account for it in the {{{ftp.accounts}}} file. (SFTP and
 FTP use the same code in [source:src/allmydata/frontends/auth.py] to
 handle logins, so it is simpler for them to behave the same.)

 Note that you can already access an arbitrary cap URI via the {{{/uri/}}}
 directory, but that does not have nearly as nice usability properties,
 because you can't access aliases that way. (Allowing access to aliases
 would provide ambient authority and so is not capability-secure.)

--

-- 
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1356#comment:9>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list