From: Joe W. <jo...@gm...> - 2012-02-08 15:40:48
|
Hi Adam, > I don't think changing the security concerns here is a good idea. Rather I think the issue lies elsewhere, let me think about this... Right, I see your point. You're saying that the issue here could be seen as: Giving guest users access to eXide is unwise. This issue isn't specific to eXide; it applies equally to letting users execute any code which could run doc() or util:binary-doc() on a w+r resource. You're saying that we need to start realizing that permissions now dictate whether the the *system* can read/write/execute resources on a given user's behalf, not whether the *user* can read/write/execute resources. The system is now an explicit intermediary between the user and resources. The system is the user's agent in reading/writing/executing resources. Is this a correct way of articulating the new permissions framework? Joe |