What real world use cases are there where it makes sense for someone to have rights to see if a file exists in a file system, but not have rights to read the file? I know this is a basic part of Unix security semantics, but is it really needed?
Disclaimer: I do not know how Tahoe-LAFS does this, and I assume it does it right. [...] It also means that if the system wants to provide a view of the file system without read access, a shadow directory would have to be composed that only indicates existence and size but does not include the file identifier. [...]
That brings us to the discussion question I would like to put to this group:What real world use cases are there where it makes sense for someone to have rights to see if a file exists in a file system, but not have rights to read the file? I know this is a basic part of Unix security semantics, but is it really needed?
Directory listings may contain the unsealers, or not, to provide a metadata-only view and a read view, while allowing distribution of storage to untrusted storage resources
This was described as a "deep verifycap": https://tahoe-lafs.org/trac/tahoe-lafs/ticket/308
--
You received this message because you are subscribed to the Google Groups "cap-talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cap-talk+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cap-talk/r480Ps-10146i-328B63F8BA7A447AA760157DEADC24E1%40Williams-MacBook-Pro.local.
(would uuids be better than string names in some cases as a middle ground "identifier"?)
i have never liked the idea of even theoretically remotely possible hash collisions :-)/murphy'slaw
--
You received this message because you are subscribed to the Google Groups "cap-talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cap-talk+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cap-talk/CAJ7XQb72_cQb5mUs80GCLoe7ruVTGdD2Jvm3h0UQMPTY326w_A%40mail.gmail.com.
Anyone who looked at my photo directory could get a reasonable
idea of where I had been since there is a directory for each day
with the location as part of the directory name.
(would uuids be better than string names in some cases as a middle ground "identifier"?)