[tahoe-dev] several newbie questions
Greg Troxel
gdt at ir.bbn.com
Thu Apr 21 13:46:08 UTC 2011
Miles Fidelman <mfidelman at meetinghouse.net> writes:
> Kevin Reid wrote:
>>> 2. Looking at the capability mechanisms, it's not clear to what
>>> extent capabilities are bound to individuals. The standard problem
>>> with key-based capabilities mechanisms is that they can be copied.
>>
>> That's a feature, not a bug.
>
> Not if you want any kind of access control. All the security goes out
> the door if somebody gets their hands on a URL.
If you really care about security, you probably want to completely avoid
the WUI. But change URL to "rootcap in $nodedir/private/aliases" and
you indeed have the same issue.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110421/b4f9c988/attachment.asc>
More information about the tahoe-dev
mailing list