On Tue, 2009-12-15 at 11:17 -0500, Scott Lawrence wrote: > Yes, but the additional primitive I'd also like to add is one to get a > list of what files are in a directory (which, in fairness, I had not > mentioned), so I'd like to have the directory path itself access > controlled.
Hmmm... It seems like we are starting to run into problems with the fact that we are not distinguishing "resources this process uses" from "things this process is allowed to access" very well. If I write > > > <directory> > > > <path>/etc/sipxpbx/foo</path> > > > <filepattern>*.xml</filepattern> > > > <filepattern>*.wav</filepattern> > > > </directory> that seems to mean that this process access files with xml and wav (*only*) in the directory /etc/sipxpbx/foo, and any files with other names are not relevant. That also implies the supervisor is allowed to write files with those extensions in that directory. If the supervisor is allowed to list the directory /etc/sipxpbx/foo as a whole, then it is permitted to muck with (to some degree) files that are not otherwise relevant to the process. Dale _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
