Gary Van Domselaar wrote: > > If we were to follow the apache example, we would not specify a public > and private directory explicitly, but rather use an authentication > procedure (like apache's .htaccess) to create private (or perhaps > 'restricted') directories from publically accessible ones. So > > /home/brad/loci/public_loci/ //unrestricted access, network > viewable Is this directory _automatically_ an unrestricted area? Like I was saying in my follow-up message, we probably just need some loci/public/ directories as security 'sandboxes'. > /home/brad/loci/public_loci/germ_warfare/ //restricted access, network > viewable So, we can have a '.access' file that will cause Loci to ask for a login? I like that. > Of course, like apache, there's nothing stopping you from _making_ a > separate directory to contain your private files > > /home/brad/loci/private_loci/ //completely private, network hidden Of course, EVERYTHING outside of loci/public/ should be private. You can make a loci/private directory, but it won't be any different from any non- loci/public/ directory. IOW, it wouldn't be neccessary. I wonder how this 'Apache approach' meshes with CORBA. CORBA has its own security protocols, right? Would anyone in-the-know care to comment on this? > > The transfer of the actual program or data that the locus represents is > > another case altogether. I think this can be handled (in a GUI sense) via > > pop-up menu option and not DnD. > > For DnD, you may want to consider providing the user with option to do a > move, copy, or symbolic link, via pop-up menu, in direct analogy to > right-button DnD in Windoze. So, a button3 DnD would bring up a dialog. Button1 DnD would by default move a locus if source and destination are both local. Button1 DnD would by default copy a locus if either source or destination (or both) are remote. (This is typically how inter-filesystem transfers work on the Mac and Windows.) What about _writing_ to a _remote_ container? If I do a DnD from my local Workspace to a remote container, should I have write permissions? This might be a good mechanism for 'sharing loci'. This certainly would require a login of some sort. So, should a .access file be required for any remote writing to a filesystem? Or should 'writers' have a shell account, as we have CVS set up (I think you can give CVS write access to someone who doesn't have a shell account)? Cheers. Jeff -- +----------------------------------+ | J.W. Bizzaro | | | | http://bioinformatics.org/~jeff/ | | | | THE OPEN LAB | | Open Source Bioinformatics | | | | http://bioinformatics.org/ | +----------------------------------+