Subject: Re: security/10206 - proposed solution (concept)
To: Alan Barrett <>
From: Elad Efrat <>
List: tech-security
Date: 08/17/2005 06:58:02
Alan Barrett wrote:

> Actually, the prohibited/optional/required status could just be implied
> by the numeric ranges, but then you'd have to use "0 means 0", not "0
> means infinity".  For example, "upper: 0" could mean "prohibited";
> "upper: 1-*" could mean "1 or more required"; "upper: 1-3" could mean
> "at least 1, but no more than 3"; "upper: 0-*" could mean "any number,
> zero or more".

Yes, but then we'd lose a bit of the readability. This is hardly
time-critical code, and in fact should be very clear to the admin as to
what the configuration means.

I can change the range syntax, though.


Elad Efrat
PGP Key ID: 0x666EB914