Package securityflag implements utilities for creating security objects based on flags.
NewAuthorizer constructs an Authorizer based on the PermissionsSpec stored in the context for the specified 'name' (which defaults to "runtime" for an empty string value). It will preferentially use literal permissions over file stored ones.
NewAuthorizerOrDie returns an authorizer configured in the same way as that for 'runtime', preferring a literal (ie. on the command line) vs a file based specification, and assuming the typical set of access tags. It will panic if it fails to create an authorizer.
PermissionsFromSpec returns the permissions specified by the supplied PermissionsSpec for 'runtime' (ie. as derived) from command line flags specified by flags.PermissionsFlags originally. It is intended for callers that need more control of how Permissions are managed. TODO(rjkroege): Refactor these two functions into one by making an Authorizer use a Permissions accessor interface.