> Are you suggesting that applications has to handle the scramble buffer > correctly for each accesses? It seems to me we can obtain credential of > the client using SASL authentication, without any additional hints. > > If the security map means something like access control list, what we > are talking about is not fundamentally different. > The issue is the way to store the properties within the item. > > BTW, Is the storage engine stackable? If not so, it seems to me we will > face a tradeoff between persistent storage and access controls. > > Am I missing something?
I think you should just grab the latest engine branch and go for it. It's tracked under trondn's github.com account. Hit up the list for feedback/etc, but just be forewarned that very little will go into the core to slow down or increase memory requirements. However the engine API can be adjusted to better allow the tradeoffs if necessary. If you really want to blow tons of CPU/RAM on having granular access controls, you should be able to do it without having to patch memcached... Unless you need to make significant changes to the protocol, which again will be very hard since that absolutely has to stay simple. So yeah. Most of the core devs are speed freaks, and the intent of memcached is to supply minimal, if any, access control (or authentication) for speed. That shouldn't stop you from using it as a proper framework if you absolutely must. It's become enough of a standard that we can accept this. -Dormando
