> > > Specifically, by "currently" I mean that this is the state on trunk. :) > I don't believe anyone is working on adding explicit traversal > permission on trunk in time for 1.10. It would require some rework of > the way the authz info is used within the core libraries, it's not just > a question of teaching the authz parser a new trick. >
I myself am never for holding up releases in order to add an extra feature, if everything else about the work to date says 'release it' :) This stuff is a corner case for me, and only topical as I've a very naive parser for Authz files in Java. Test driven of course. - Paul
