0 views collected around this technical thread.
This guide explains Linux’s UGO permission model, the meaning of read/write/execute bits for files and directories, and demonstrates how to manage permissions using chmod, chown, chgrp, as well as advanced ACL techniques including mask and default settings.
This article provides a comprehensive, hands‑on guide to installing HAProxy, configuring global, defaults, listen, frontend, and backend sections, setting up ACL‑based load balancing, preparing backend web servers, testing the setup, and accessing the HAProxy statistics page.
Kuaishou’s foundational large-model team has secured seven papers at ACL 2025, spanning alignment bias in training, safety defenses during inference, decoding strategies, fine-grained video-temporal understanding, reward fairness in RLHF, multimodal captioning benchmarks, and methods to curb hallucinations in vision-language models.
This guide walks you through SFTP server planning, user naming conventions, directory structures, SSH configuration, account creation, permission setup, client usage, log auditing, rotation, connection limits, monitoring, and high‑availability deployment across multiple servers, providing ready‑to‑run commands and scripts.
This guide walks through installing Squid on Linux, configuring it as a transparent proxy for internal clients, setting up a reverse proxy for external web servers, and applying common ACL rules to control access and improve network performance.
This article explains the five mainstream access control models—ACL, DAC, MAC, ABAC, and RBAC—detailing their principles, examples, advantages, drawbacks, and practical extensions such as role hierarchies, constraints, and real‑world system design considerations for user, role, and permission management.
This article demonstrates how to use DPDK's Graph API for L3 packet forwarding, introduces a custom ACL node, and presents performance comparisons of different packet‑transfer mechanisms and batch sizes within the graph pipeline.
This article investigates a Redis Sentinel failover anomaly in version 7.4.0 where the sentinel repeatedly elects a failed master, explains the underlying s_down/o_down states, examines network, configuration, and ACL settings, and resolves the issue by adjusting Pub/Sub permissions to allow proper failover.
This article examines a fast‑growing company's sales data platform, outlines the data‑access pain points caused by ACL permissions, describes the migration from ClickHouse to ByteHouse, details the optimizer’s rule‑based, cost‑based, and distributed‑plan enhancements, and presents benchmark results showing query speedups of up to sixteen times.
This article explains ZooKeeper's hierarchical data model, node types, session mechanism, cluster roles and election process, ZAB protocol, watch mechanism, ACL permissions, and common distributed lock implementations, providing a comprehensive overview of its core concepts and practical usage.
This article explains the principles, examples, and drawbacks of the five mainstream access‑control models—ACL, DAC, MAC, ABAC, and RBAC—while also detailing RBAC extensions and practical guidelines for designing user, role, and permission management in real‑world systems.
This article details the design and development of Baidu's Unified Permission Management Service (MPS), covering requirements analysis, technology selection, architecture, platform and node management, permission models (RBAC, ACL, DAC), functional modules, API integration, audit, and deployment strategies for enterprise-wide access control.
This article details the design and development of a unified permission management service (MPS) that consolidates RBAC, ACL, and DAC models to solve fragmented enterprise permission issues, covering requirement analysis, technical selection, functional modules, deployment, and performance outcomes.
This article presents a comprehensive design and development of Baidu's Unified Permission Management Service (MPS), detailing its requirement analysis, technical selection, hybrid RBAC/ACL/DAC model, functional modules, implementation specifics, and operational results that demonstrate its effectiveness in consolidating enterprise-wide access control.
Unified Permission Management Service (MPS) at Baidu centralizes fragmented permission systems across internal platforms, integrating ACL, DAC, and RBAC models via Baidu's GDP framework, and provides modules for platform and node management, permission CRUD, workflow approvals, and audit/recovery, now serving over 20,000 users and managing more than 100,000 permission nodes.
This article introduces the design of permission systems and thoroughly explains the five mainstream access control models—ACL, DAC, MAC, ABAC, and RBAC—along with their principles, examples, drawbacks, and practical implementation details for real‑world applications.
This article explains the design of permission systems by introducing five major access control models—ACL, DAC, MAC, ABAC, and RBAC—detailing their principles, examples, advantages, drawbacks, and practical implementation considerations for user, role, and permission management in enterprise applications.
This article provides a comprehensive overview of Apache ZooKeeper, covering its ZAB protocol, data model hierarchy, node types, storage mechanisms, watch system, session lifecycle, ACL configurations, serialization with Jute, cluster roles, leader election, log management, and practical use cases such as distributed locks, ID generation, load balancing, and integration with frameworks like Dubbo and Kafka.
Seq2Path treats each sentiment tuple as an independent tree path, training with average path loss and decoding via constrained beam search with a discriminative token, achieving state‑of‑the‑art results on five aspect‑based sentiment analysis datasets and deployment in Alibaba Entertainment AI Brain.
The article introduces RoP 0.2.0, a redesign of RocketMQ on Pulsar that eliminates message loss, duplicate consumption, and partial partition consumption, adds ACL authentication, partition expansion for higher throughput, native RocketMQ management APIs, refactors MessageID and routing models, and outlines future features such as tracing, delayed messages, and advanced monitoring.