Allow owners of objects to destroy them by default

Owners of wallet objects are now allowed to destroy them. In previous versions, a special destroy ACL had to be set and the owner ACL wasn't used for destroy actions, but operational experience at Stanford has shown that letting owners destroy their own objects is a better model. Change-Id: I0e97d7a000e62cf5321add7b44140db6edc6769f Reviewed-on: https://gerrit.stanford.edu/973 Reviewed-by: Russ Allbery <rra@stanford.edu> Tested-by: Russ Allbery <rra@stanford.edu>
author: Russ Allbery <rra@stanford.edu> 2013-03-27 12:51:46 -0700
committer: Russ Allbery <rra@stanford.edu> 2013-03-27 12:52:58 -0700
commit: f6c63bdb2be5ccc0c6133bf87025d37805579005 (patch)
tree: c027fed89455b36e386722a63cce9c77d90ebffa /docs/design
parent: b273cc907951a8b7dfcd4095ab58b6ae74c7d87e (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/docs/design b/docs/design
index 4bb5587..8f4b20d 100644
--- a/docs/design
+++ b/docs/design
@@ -148,9 +148,9 @@ Server Design
 
     * Optional ACLs for get, store, show, destroy, and flag operations.
       If there is an ACL for get, store, or show, that overrides the
-      normal permissions of the owner.  In the absence of an ACL for
-      destroy or flag, only wallet administrators can destroy an object or
-      set flags on that object.  This entry would need no special ACLs.
+      normal permissions of the owner.  In the absence of an ACL for flag,
+      only wallet administrators can set flags on that object.  This entry
+      would need no special ACLs.
 
     * Trace fields storing the user, remote host, and timestamp for when
       this object was last created, stored, and downloaded.
author	Russ Allbery <rra@stanford.edu>	2013-03-27 12:51:46 -0700
committer	Russ Allbery <rra@stanford.edu>	2013-03-27 12:52:58 -0700
commit	f6c63bdb2be5ccc0c6133bf87025d37805579005 (patch)
tree	c027fed89455b36e386722a63cce9c77d90ebffa /docs/design
parent	b273cc907951a8b7dfcd4095ab58b6ae74c7d87e (diff)