[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <08054D5B-FDC2-4A79-8599-E135432E9B45@mac.com>
Date: Wed, 15 Aug 2007 12:58:39 -0400
From: Kyle Moffett <mrmacman_g4@....com>
To: Marc Perkel <mperkel@...oo.com>
Cc: Michael Tharp <gxti@...tiallystapled.com>,
alan <alan@...eserver.org>,
LKML Kernel <linux-kernel@...r.kernel.org>,
Lennart Sorensen <lsorense@...lub.uwaterloo.ca>
Subject: Re: Thinking outside the box on file systems
On Aug 15, 2007, at 12:02:41, Marc Perkel wrote:
> Kyle, thinking further outside the box, files would no longer have
> owners or permissions. Nor would
> directories. People, groups, managers, and other objects with have
> permissions. One might tag a file with the object that created it
> so you could implement "self" rights which might be use to replace
> the concept of /tmp directories.
Well, that's actually kind of close to how SELinux works.
This is the real fundamental design gotcha:
Our current apps *AND* admins speak "UNIX" and "POSIX". They
don't speak "MarcPerkelOS" (or even "SELinux"). As long as there is
not a reasonably-close-to-1-to-1 mapping between UNIX semantics and
your "outside the box" semantics, the latter can't really be used.
It would just involve rewriting too much code *AND* retraining too
many admins from scratch to make it work. Hell, even Windows and Mac
have moved towards a UNIX-like permissions system, precisely because
it's a simple model which is relatively easy to teach people how to
use. ACLs are just a slight modification of that model to allow two
things:
(A) Additional user/group permissions
(B) Default permissions for new child files/dirs/etc
People are having a huge problem with SELinux permissions as is, and
portions of that are a fairly standard model that's been worked over
in various OSes for many years. I seriously doubt that anything that
far "outside the box" is going to be feasible, at least in the near
term.
Good new filesystem developments are likely to be ones which preserve
the same outer model, yet allow for deeper/more-powerful control for
those users/admins who need it.
Cheers,
Kyle Moffett
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists