From: Wolfgang M. <wol...@gm...> - 2005-09-28 09:44:37
|
> I have tried to find information on ow to use the database security metho= ds > to allow certain users to read and/or update specific resource files (XML > files). It seemsto me that Exist does not suport this. It allows groups o= f > users certain rights, but not individual uders (exept the owner). Permissions in eXist closely follow the Unix model and roles are indeed limited to owner, group and world. The Unix model is simple and space efficient (just one byte used for storing permissions), but we already thought about implementing a more flexible ACL model. Anyway, adding your own security layer on the application level is always possible if access to eXist is exclusively done through your application. Otherwise, we would have to discuss how to extend the current security model, i.e. throw away the Unix style permissions and switch to a more flexible scheme. That's certainly possible if one figures out a good model. Wolfgang |