From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jeff Garzik <jeff@garzik.org>
Subject: chunkd authentication checks added
Date: Sat, 01 Aug 2009 00:26:10 -0400
Message-ID: <4A73C3E2.9070208@garzik.org>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <hail-devel-owner@vger.kernel.org>
Sender: hail-devel-owner@vger.kernel.org
List-ID: <hail-devel.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: Project Hail <hail-devel@vger.kernel.org>


Just added per-operation authentication checks to chunkd.  If the 
authentication user does not own an object, they cannot GET or DELETE 
it.  LIST only shows objects owned by the authenticated user (making the 
<Owner> tag a bit redundant).

The newly added 'auth' test verified that this works, in the process 
exercising some error handling paths for the first time.  Bugs were fixed.

All this was just pushed out to git.kernel.org, so it should show up soon.

CLD also needs authentication checks, and an ACL framework.

	Jeff