micha <[EMAIL PROTECTED]> writes:
> It would be nice to scale the users access to the indices and controls: Say,
> permissions of restricetd user or admin.
> There would be a password request for each index view or control feature -
> perhaps something like the apache .htaccess files ?
> So that we can define an individual access range. A user normally would not be
> able to purge anything from the main-index directly, but pehaps she can do with
> her 'own' stuff through her lasttime index.
> It would not neccessarily be waterproof safe or secure, but rather a kind of
> insurance against mistakes from unexperienced users.
The only way that a user can ensure that there is any kind of security
of the cached data is to use a personal WWWOFFLE cache and not share
any data with anybody else.
Allowing a user to delete their own cached files and not anybody
else's files is not really possible. What happens if two people
request the same URL, who is allowed to delete it? If you want to
delete a URL that somebody else has requested then all you would need
to do would be to request it then delete it.
If you want to have insurance against novice users then the best thing
would probably be to disallow them from deleting anything. This can
be done by putting the WWWOFFLE delete URL into the DontGet section of
the configuration file (WWWOFFLE can disallow getting its own URLs).
DontGet
{
http://localhost:8080/control/delete*
<http://localhost:8080/control/delete*> replacement = /local/banned.html
}
You should make sure that you replace 'localhost' with the name that
is the first entry in the LocalHost section of the configuration file.
--
Andrew.
----------------------------------------------------------------------
Andrew M. Bishop [EMAIL PROTECTED]
http://www.gedanken.demon.co.uk/
WWWOFFLE users page:
http://www.gedanken.demon.co.uk/wwwoffle/version-2.8/user.html
