Reinhard Poetz wrote:
Thanks Geoff and Vadim
as we already had a vote, we should respect the result and have following intra-block file-system structure:
-------------------------------------------------------------- [cocoon block] [DIR] | +-- COB-INF [DIR] +-- block.xml +-- classes [DIR] +-- lib [DIR] --------------------------------------------------------------
Question. What else is in a block that requires that COB-INF exist at all? Why can't it just be:
[cocoon block] [DIR]
+--block.xml
+--classes [DIR]
+--lib [DIR]
security and folder namespacing. just like for webapps, those folders contain potentially sensitive information (the executable code), it's easier to state that any path that contains "COB-INF" being read only, so, even if you had weird bugs, you could prevent people to inject their malicious code in there.
True, the sitemap is already a big step in preventing this, but having a rurther isolation doesn't hurt and also is a recognized thing for webapps and people will feel at ease with the separation between "stuff" and "code".
-- Stefano.
