[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-myserver] ideas about how improve security file

From: Giuseppe Scrivano
Subject: Re: [Bug-myserver] ideas about how improve security file
Date: Thu, 28 Aug 2008 22:23:14 +0200
User-agent: Mozilla-Thunderbird (X11/20080724)

Alexandru IANCU wrote:

> What about security file being a routine? I mean what about giving up
> XML format and write conditions into a scripting language(tcl?!) and
> execute them from code? Why would we need to keep XML format for
> something that can be easily written and understood(by humans) into a
> scripting language?

Because in this way XML can't describe loops, give users the possibility
to write endless programs is dangerous.  A security file is not used
only by the sysadmin by any person who has write access on the server,
for example in the home directories.
Moreover we use XML as it will be possible later to modify it with
external tools, it is not so difficult to understand a security file and
give the possibility to modify it with a GUI application.  The same
can't be done with a scripting language.

> if we decide to use scripts for rules validators will no longer be
> necessary. This would be another advantage to use a scriping language
> there. We can choose to use more scriping languages not only one.
> What do you think?

Yes, but it can be done by plugins.  Because MyServer don't have any
built-in scripting language but they are offered as external modules.
As I wrote before, it can't be the default because offer scripting
possibility means everyone can break the server, it should be done only
when there is really understanding of the troubles it can give.

> if you really want to add this, ok but I think we can live without it
> for now :)

Yes but anyway it is not the most difficult part, we can generalize the
MIME reading code and reuse it here :)
Re-define MIME types is very important.  The MIME types manager anyway
needs to be modified to support regex as well.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]