Tahoe LAFS is a distributed file system with an interesting permissions model. (whitepaper)
Both Immutable and Mutable files are supported (Mutable is the most complex and interesting)
There are three levels of permissions, Write
, Read
, and Verify
. Each permission is
granted by giving a user a special key called a "capability". If you have the Write
capability
you can update the file, if you have the Read
capability you can retrieve the plain text,
but if you only have the Verify
capability you can only validate the file integrity, but not read the contents.
The lower level capabilities are generated deterministically from the higher level capabilites.