[96] in Moira
moira and discuss
daemon@ATHENA.MIT.EDU (Mark Rosenstein)
Mon Apr 30 20:20:59 1990
Date: Mon, 30 Apr 90 20:20:17 -0400
From: Mark Rosenstein <mar@MIT.EDU>
To: moiradev@ATHENA.MIT.EDU, discuss@ATHENA.MIT.EDU
In-Reply-To: John F Carr's message of Sun, 29 Apr 90 20:03:34 -0400 (EDT) <kaCs3KQGG01pM5V1gx@athena.mit.edu>
John is right, Marc & Ken are making things much too complex. Adding
a tag per list membership is not the right way because lists are used
for different things. Rather, associate a list with each permission
combination you want to assign a discuss meeting.
Look at the way zephyr was implemented (yes, there is already support
for zephyr acls in Moira, although we aren't currently using it):
There's a record which names a zephyr class, and associates that class
with 4 taged ACEs (an ACE is an Access Control Entity, which may be a
USER, a LIST, a KERBEROS principal, or NONE) for each of the zephyr
functions XMT (transmit), SUB (subscribe), IWS (instance wildcard
subscriptions), and IUI (instance user identity subscriptions).
We could do something similar for discuss, where you create a record
naming the meeting, an access level (a string like "aorsw"), and an
ACE. This way a meeting could have as many or as few lists and access
levels associated with it as necessary.
The question that no one has addressed yet is whether this support is
really needed or not. At the request of the zephyr team, I put in
support for zephyr acls almost 2 years ago. We're still not using it,
and looking at the way we use zephyr acls, it's not clear that it's
worth using it even though the coding is already done. Would we use
this for discuss meetings?
Why do you say you would have Moira create the file, but leave it for
the chairman to put into place? Do you not trust Moira? Certainly,
there is a chance that Moira could screw up and put no one or too many
people on an ACL, but it could do the same thing for an important NFS
server's credentials file (actually, this has happened, because /site
filled up and there wasn't room for the new credentials file). If
people aren't willing to trust Moira to put the ACLs in place, why do
they trust it to generate them at all?
-Mark
