wiz & Dan Sugalski & wiz wrote:
> This is a start, which is very good, but I'm pretty sure that this is
> taking things from the wrong angle to some extent.
>
>o In general, if everyone's mostly familiar with just Unix's security model
>o I'd really, *really* urge you to read up on other models.
I think I see where you are coming from on the issue of CGI. I think that
although we are approaching it from different angles, we are somewhat on the
same track. I say "Content-Length", you say "memory limits". What I am trying
to say (although I've never been really good at explaining myself)
At 04:25 PM 2/23/2001 -0500, wiz wrote:
>I agree about the CGI stuff, as the username should always be the same
>anyway, so it can be defined separately for that user. I do believe that we
>need to at least take CGI scripts into account, however.
I think if we take CGI scripts specifically in
I agree about the CGI stuff, as the username should always be the same
anyway, so it can be defined separately for that user. I do believe that we
need to at least take CGI scripts into account, however.
Some questions:
1.> you wrote: "Generally speaking we ought to have the capability to us
At 11:59 AM 2/23/2001 -0500, wiz wrote:
This is a start, which is very good, but I'm pretty sure that this is
taking things from the wrong angle to some extent.
In general, if everyone's mostly familiar with just Unix's security model
I'd really, *really* urge you to read up on other models. Th
