Re: Filesystem Capabilities in 2.6?

From: Rik van Riel (riel@conectiva.com.br)
Date: Sat Nov 02 2002 - 19:47:58 EST


On Sat, 2 Nov 2002, Linus Torvalds wrote:
> On Sat, 2 Nov 2002, Rik van Riel wrote:
> >
> > Sure it's more flexible, but I wonder how many userland
> > programs will be broken if we change the permission model
> > and how well users can protect their data this way.
>
> This is not a "change". Existing behaviour clearly cannot change. We're
> talking about new interfaces to export capabilities in the filesystem.
>
> And pathnames are a _hell_ of a lot better and straightforward interface
> than inode numbers are. It's confusing when you change the permission on
> one path to notice that another path magically changed too.

It's also going to be confusing when you change permissions on
an inode and the extended attributes in one of the paths to the
inode don't change with it.

It'd be confusing as hell if I did a 'chmod go-r' on a file I
own, but have others continue reading the file because of some
extended attributes giving them the rights to do so.

Or am I misunderstanding the kinds of extended attributes you
want to have determined by pathname instead of by inode ?

It'd be nice to have an overview of exactly which permissions
and attributes are per file and which are per pathname ;)

regards,

Rik

-- 
Bravely reimplemented by the knights who say "NIH".
http://www.surriel.com/		http://distro.conectiva.com/
Current spamtrap:  <a href=mailto:"october@surriel.com">october@surriel.com</a>

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 22:00:27 EST