On Sun, 27 Aug 2006 19:11:17 +0700, Shannon Baker <[EMAIL PROTECTED]> wrote:
> But why bother? This whole problem is easily solved by allowing data to > be stored with an access control list (ACL). For example the site > developer should be able to specify that a data object be available to > '*.example.com' and 'fred.geocities.com' only. How this is done (as a > string or array) is irrelevant to this post but it must be done rather > than relying on implicit trust where none exists. While there are serious risks associated with global storage, I don't see how replacing the global storage with arbitrary ACLs on data items will help reduce them. All those advertisers etc can store a data item accessible to "*", can't they? -- Alexey Feldgendler <[EMAIL PROTECTED]> [ICQ: 115226275] http://feldgendler.livejournal.com