Some compositors implement modes or multiple environments and would like different policies for such environments.
Mandatory design/code changes:
- add way to change compositor name or much better to provide/retrieve it at permission granting time
- explore methods to prevent race conditions on compositor identity when granting permissions
- explore methods to prevent delegating statefulness management to compositors to avoid errors; find a clear method to guarantee the validity of an access decision when it is received by the compositor
Two appraches at least:
1. get compositors to advertise new names and use a section per mode
- No added complexity to policy reading
- But added length: harder to author meaningful policies (must copy/paste additions in each section) and even more so to edit them programmatically (are sections identical by coincidence or because they should be sync'd?).
- Trivial code changes
Changes to codebase:
ø
2. implement subsections
- More compact, faster to edit for experts
- Less readability within file
- Might require editing the parser substantially
- Added complexity throughout whole backend, might need to change get_permission to expose contextual cues on compositor identity
Changes to codebase:
- add a subsection syntax for the files
- make parser understand subsections
- rework weston_config_get_section* functions
Some compositors implement modes or multiple environments and would like different policies for such environments.
Mandatory design/code changes:
Two appraches at least:
1. get compositors to advertise new names and use a section per mode
Changes to codebase:
ø
2. implement subsections
Changes to codebase: