Re: extended file attributes on external devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed March 5 2008, Alexander Boström wrote:

> If the kernel people are sceptical about magic like "map user 99 to the
> uid of the user calling stat()" then perhaps it would be better to
> extend ext3 to map user 99 back and forth to whatever uid was given as
> mount option uid99=xxx and then have the automount magic set that option
> to the current desktop user as per usual. Then it would be a filesystem
> specific thing.

How about this: Make it possible, that whenever a user is allowed to mount a 
filesystem that he could manipulate arbitrarily (e.g. a filesystem on an 
external device) and he mounts it, then he can remove/create arbitrary 
files/directories and change permissions/owner/group arbitrarily, i.e. 
manipulate it arbitrarily like he could do it on the another machine.

The root-directory of this filesystem could be set to 0600 and owned by uid=0, 
to allow only the mounting user to access anything on the filesystem.

This special beheaviour could be made visual to the user with some virtual 
posix acl, that cannot be removed or changed, but makes e.g. ls show a plus 
sign after the permissions. And getfacl could maybe display it in more 
detail.

Btw. I do not know how to implement this and how hard it would be to do this, 
but this would be a good user experience imho.

> Another approach: Give ext3 an option (set in the superblock) to
> "downgrade" to a permissions-less state similar to how ISO9660 and FAT
> is handled.
>
> Basically, it would just store file and directories as "readable",
> "writable" or "executable" and then have mount-time options for setting
> uid/gid and masking the mode.

With my approach, the user can do everything he can do with yours, but also 
modify permissions to e.g. allow only a special user to copy something 
from/to his device.

Regards,
Till

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux