Return-Path: X-Original-To: apmail-stanbol-dev-archive@www.apache.org Delivered-To: apmail-stanbol-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 71BB5FF36 for ; Mon, 8 Apr 2013 18:26:33 +0000 (UTC) Received: (qmail 27464 invoked by uid 500); 8 Apr 2013 18:26:33 -0000 Delivered-To: apmail-stanbol-dev-archive@stanbol.apache.org Received: (qmail 27339 invoked by uid 500); 8 Apr 2013 18:26:33 -0000 Mailing-List: contact dev-help@stanbol.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@stanbol.apache.org Delivered-To: mailing list dev@stanbol.apache.org Received: (qmail 27330 invoked by uid 99); 8 Apr 2013 18:26:33 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Apr 2013 18:26:33 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [209.85.217.181] (HELO mail-lb0-f181.google.com) (209.85.217.181) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Apr 2013 18:26:28 +0000 Received: by mail-lb0-f181.google.com with SMTP id r11so5936104lbv.26 for ; Mon, 08 Apr 2013 11:26:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:sender:x-originating-ip:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to :content-type:x-gm-message-state; bh=H5El2SndANJrx/bKUJ8yTcN+Yt4g26+dk4GWYz3uSP8=; b=YRVu1uN2tq1cBumV7g5/gEZxM5WGUZSzjUjXL4RNzQUKrbFBVbhoUlEsZjpCBeoiUq 5ZiO5UT4jenbOrxGVdVouuMBk3rRuCseCm9DgCmYZNHwgsObpH2XWlw4szXZdYU8klvw hXLSAq5a4esFo70uVCXaF4FmixWAdY5Cz0988S+awnXeRFRO18HYMZqPjl6/iDP+Ac7t S0NXYPLJ1hEq3npmJXAYM+z9OZ/PW+HB3yIqMKQPLaVR5npAroA3G2t87Eczjtc0g1F8 jtP+BoxmfvMlxEhCceRyNhaMzhneXrN5XrHVdY1nEMv8lgQhP9xhUd5tTYvbnuG61QR0 u0bg== MIME-Version: 1.0 X-Received: by 10.112.88.10 with SMTP id bc10mr11952351lbb.70.1365445566209; Mon, 08 Apr 2013 11:26:06 -0700 (PDT) Sender: me@farewellutopia.com Received: by 10.152.6.230 with HTTP; Mon, 8 Apr 2013 11:26:06 -0700 (PDT) X-Originating-IP: [91.137.97.21] In-Reply-To: References: Date: Mon, 8 Apr 2013 20:26:06 +0200 X-Google-Sender-Auth: TEohWjOiDbOQn6zSea18x8lUOyo Message-ID: Subject: Re: It's not security, but rather multi-user vs. single-user Stanbol From: =?ISO-8859-1?Q?Reto_Bachmann=2DGm=FCr?= To: dev@stanbol.apache.org Content-Type: multipart/alternative; boundary=f46d04016975ef4ada04d9dd918f X-Gm-Message-State: ALoCoQkCnESCOWu+vSqTgAy/wkqrHpFk2WTH0MANVC+Rtr+RFo7ApAZn5BII6B2VuQo2t8MFlmVb X-Virus-Checked: Checked by ClamAV on apache.org --f46d04016975ef4ada04d9dd918f Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi, Yet pronoun to dereference ;) By "we" I wanted to refer to the Stanbol community. It was an attempt of a reduction ad absurdum - but of course we theoretically could vote on dropping the reusability goal for the components we build. Cheers, Reto On Mon, Apr 8, 2013 at 4:01 PM, Fabian Christ wrote: > Hi, > > perhaps it is really just security. Some people have the use case that > they do want support for that others do not care. That's the pattern > even if I do not understand who Reto refers to as "we" in his mail. As > a community we should ensure that all can work on the things they want > to. > > In any case, we have the process of opening issues if something is not > working as expected for others. That's something concrete. If issues > remain open for too long, we should take action. I think the community > can expect the security guys to do their best to fix things as soon as > they popup. > > 2013/4/8 Reto Bachmann-Gm=FCr : > > Hi Bertrand > > > > It's not just about about multi-user. Even we would say that we want > > Stanbol only to be a stateless single-user engine we might still care > about > > handling java security correctly in case we want to support our modules > > being integrated in other applications. So the issue would not just abo= ut > > doping authentication but also to significantly reduce reusability of t= he > > Stanbol components. > > > > Take for example a logging system. Typically a library that provides no > > support for multiple-user. Yet such a library has to care about not > > requiring any unexpected permission on logging. > > > > Cheers, > > Reto > > > > On Mon, Apr 8, 2013 at 12:11 PM, Bertrand Delacretaz < > bdelacretaz@apache.org > >> wrote: > > > >> Hi, > >> > >> I'm trying to understand the disconnect that we're seeing in the > >> security discussions...isn't that more about the following two modes > >> of using Stanbol? > >> > >> Single user Stanbol: > >> A stateless engine that's accessed by trusted systems, which are > >> supposed to handle security and access control by themselves > >> > >> Multi-user Stanbol: > >> An engine that's accessed by non-trusted users and might store their > >> data, so needs security features, user management, etc. > >> > >> Agreeing on these two usage modes might help us have more constructive > >> discussions, IMO, about features that multi-user requires but > >> single-user doesn't even want to see. > >> > >> -Bertrand > >> > > > > -- > Fabian > http://twitter.com/fctwitt > --f46d04016975ef4ada04d9dd918f--