> plan make changes to acl/account code it must be non-isolate change (it
> must include user-profiles ..etc). (IMO of course :-)
While I'm thinking about it...
The current acl storage scheme flattens the acl info into a single
string, with a special character ("=" as I recall) to delimit the
user/group name from the permissions. But by quoting the user name, it
is possible to create a user name which contains an equals sign,
screwing up the acl handling.
If you are redoing the acls, a good first step is to fix this, perhaps
by recoding the acl field into a structure with at least two fields
for username and permissions.
- Thomas
--
Thomas Lockhart lockhart@alumni.caltech.edu
South Pasadena, California