[2317] in Kerberos_V5_Development
Re: request comments on new ACL file format
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Tue Mar 25 00:55:02 1997
To: Tom Yu <tlyu@MIT.EDU>
Cc: krbdev@MIT.EDU
In-Reply-To: Your message of "Mon, 24 Mar 1997 17:03:07 EST."
<9703242203.AA23893@tesla-coil.MIT.EDU>
Date: Tue, 25 Mar 1997 00:54:18 -0500
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
>This new format should allow for useful things such as the concept of
>groups. It also includes two different types of globs, so that it is
>possible to distinguish between matching one principal component from
>matching zero or more principal components. Please comment upon it,
>in particular whether or not groups should be allowed to be recursive.
One question: why distinguish between user groups and target groups?
Is there an implementation reason? While I can't come up with a scenario
where you might want to use a user group interchangably with a target
group, it _might_ happen, and the separation seems rather arbitrary.
(Other than that, it looks fine).
--Ken
