[Zope3-dev] Certification: Supporting "Residual
Information Protection" in Zope 3
Christian Theune
ct at gocept.com
Fri Dec 16 07:32:25 EST 2005
Hi,
Am Freitag, den 16.12.2005, 07:16 -0500 schrieb Jim Fulton:
> This is only a problem if username === user id. In both Zope 2 and
> Zope 3, these are distinct, although this isn't widely recognized or
> leveraged in Zope 2. I don't think it is necessary to remove all
> grants to an old user *id* as long as ids are never reused. I'd say it
> might even be useful to keep the old grants, at least for some period,
> for auditing purposed.
>
> If we *do* need to be able to remove all grants for a deleted user
> when we remove a user, then we need to provide an authorization system
> that makes this possible.
I think if we can guarantee never to reuse a user id, provide a tool for
doing RIP and we do not provide undo we are fine.
> By definition, there is no efficient way to iterate over all objects
> in a database, any database, unless the database is small. If we
> need to be able to do this, we should design support into the
> authorization system that we certify.
Agreed. This would mean that the authorization system (which is policy
dependant if I understand it correctly) will have to maintain data
structures that allow efficient handling for those tasks. Right?
Christian
--
gocept gmbh & co. kg - schalaunische str. 6 - 06366 koethen - germany
www.gocept.com - ct at gocept.com - phone +49 3496 30 99 112 -
fax +49 3496 30 99 118 - zope and plone consulting and development
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mail.zope.org/pipermail/zope3-dev/attachments/20051216/71164093/attachment.bin
More information about the Zope3-dev
mailing list