Marc Perkel <marc@xxxxxxxxxx> wrote:There would be different rights to eack link.
[...]
I'll run through a few ideas here.
Novell Netware type permissions. ACLs are a step in the right direction
but Linux isn't any where near where Novell was back in 1990. Linux lets
you - for example - to delete files that you have no read or write
access rights to.
It lets you unlink them. That's different from deleting, since the owner
may have his/her private link to that file.
Unlinking is changing the contents of a directory, and it's controlled by
the write permission of the containing directory.
Users should have private temp directory space. Two user trying to create the same file in the same directory isn't going to work under any operating system.Netware on the other hand prevents you from deleting
files that you can't write to and if you have no right it is as if the
file isn't there.
Imagine a /tmp directory (writable by world) with user "a" creating a file
"foo", umask=077 and user "b" trying to do the same. User "b" will get
'file exists' if he tries to create it, and 'file does not exist' if he
tries to list it. He will go nuts.
BTW: YANI: That about a tmpfs where all-numerical entries can only beYou have to realize the Netware does things differently and that Linux limitations don't apply to Netware.
created by the corresponding UID? This would provide a secure, private
tmp directory to each user without the possibility of races and denial-of-
service attacks. Maybe it should be controlled by a mount flag.
You can't even see it in the directory. Netware also
has inherited permissions like Windows and Samba has and this is doing
it right.
You can't do that if you have hardlinks. However, I missed the feature of
overruling file permissions in some special directories, e.g. anything
put under /pub should ignore umask and be a+rX.
But just because you don't need it doesn't mean other people don't. If you are running Samba pretending to be a case insensitive file system then this is a good feature.
File systems and individual directories should be able to be
flagged as casesensitive/insensitive.
IMHO not needed.