Ticket #936 (closed defect: wontfix)

Opened 12 years ago

Last modified 12 years ago

[DS] csmlscan should include security info

Reported by: domlowe Owned by: domlowe
Priority: required Milestone: PROD Final
Component: CSML Version:
Keywords: Cc:

Description

Security info should be added by csmlscan - roles to be added to config file (optional)

Change History

comment:1 Changed 12 years ago by domlowe

  • Owner changed from awoolf to domlowe
  • Status changed from new to assigned

comment:2 Changed 12 years ago by lawrence

  • Status changed from assigned to closed
  • Resolution set to wontfix

I've gone off this. I think we have the wrong model when we put the access control information into the file itself ... the gatekeeper model says that we separate the access control from the content.

Use case (example). We have the coapec dataset, with coapec permissions. We then had a new programme (rapid) which wanted access to coapec. We can do this (once) in the gatekeeper, or we have to update each and every file with the changed permissions. It's a no brainer ...

So, Dom, I reckon the heat is off :-)

comment:3 Changed 12 years ago by domlowe

Oh dear - well at least the code I've just written has a default of no security ;-)

I agree with you though - the gatekeeper is a better place for access control info.

Note: See TracTickets for help on using tickets.