[Ksecretservice-devel] Re: Fwd: Re: Re: ACL handling

[Valentin Rusu]

Michael Leupold wrote:

> Am Mittwoch, 6. Oktober 2010, 20:02:52 schrieb Valentin Rusu:
>> > > - this behavior should be adjusted by the means of o policy file ;
>> > > the policy file should be under the responsibility of the client
>> > > application (e.g. Kontact application should install it's policy file
>> > > it it wants ACL handling).
>> >
>> > I'm not yet sure what you mean with the policy file. Could you please
>> > explain a bit more?
>> 
>> Suppose an executable A wants to share it's secrets with another
>> executable B, but wants to deny sharing with any other executable. In
>> this case, an external policy file would be required, and this file would
>> be under the responsibility of executable A developer.
> 
> Wouldn't it be easier to delegate the decision to the user? From my
> experience with wishlist items and bug reports power users want things
> like the ability to choose which collection to store an application's
> secrets into (maybe the same for all their mail applications or for
> everything that is about networking). It seems like those features would
> have to override the default decision taken by the application developer.

Well, maybe we'll implement ACL handling in several steps, as I understand 
that your KWallet experience gave you a good graps of what users need. Then, 
along the road, if needed, we may offer the policy files I proposed.  

> 
> This doesn't mean I dislike the idea of policy files. Just saying that
> things like this would have to be thought of as well. :-) Once you have a
> draft of this idea, maybe I could review it and check how well it fits
> with the current architecture and what (I think) users want.

Ok with that. As soon as I have something I can show, I'll post it. 
Meanwhile, I'll continue implementing ACL the way you suggested.

> 
> Regards,
Regards,

> Michael
Valentin