From owner-freebsd-chat@FreeBSD.ORG Fri Apr 16 11:08:02 2004 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 34AC516A4CE for ; Fri, 16 Apr 2004 11:08:02 -0700 (PDT) Received: from vhost109.his.com (vhost109.his.com [216.194.225.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id D0B5F43D39 for ; Fri, 16 Apr 2004 11:08:01 -0700 (PDT) (envelope-from brad.knowles@skynet.be) Received: from [10.0.1.3] (localhost.his.com [127.0.0.1]) by vhost109.his.com (8.12.8p2/8.12.3) with ESMTP id i3GI7ugn086756; Fri, 16 Apr 2004 14:07:57 -0400 (EDT) (envelope-from brad.knowles@skynet.be) Mime-Version: 1.0 X-Sender: bs663385@pop.skynet.be Message-Id: In-Reply-To: References: Date: Fri, 16 Apr 2004 17:56:50 +0200 To: Jari Kirma From: Brad Knowles Content-Type: text/plain; charset="us-ascii" ; format="flowed" cc: freebsd-chat@freebsd.org Subject: Re: Shadow filesystems [was Re: Pair donates 20,000 to Poul-Henning Kamp??] X-BeenThere: freebsd-chat@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Non technical items related to the community List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Apr 2004 18:08:02 -0000 At 5:43 PM +0300 2004/04/16, Jari Kirma wrote: > I played with the idea of "reliable undelete" functionality some time ago. After a catastrophic wipeout when I was a student at the University of Oklahoma about 20 years ago (causing me to work 36 hours straight to re-create all my hard work), I created a set of shell script tools to replace the "rm", "mv", "cp", etc... programs with something that would use a "~/.Trash" directory and then compress the files, etc.... When I first created these scripts, they were very popular, and widely used by the student community. IIRC, I posted a fairly final version of those scripts to comp.sources.*. ECN staff had a disagreement with me over these tools, thinking it unwise for people to get used to the "new" behaviour, which might lead them to get seriously screwed when they used "rm" somewhere else and it didn't act in the way they expected. However, it wasn't until after I had another massive wipeout (this time using vi to write a file into the wrong filename), that I decided that I agreed with them. So, I removed the scripts from my bin, although others could always go to the newsgroup archives and pull down their own version if they wanted. I don't think anyone did. If you really want to make something like this work, you have to cover all possible avenues of destruction, not just creat(), unlink(), and rename routines. Introduce a real filesystem versioning scheme, and I would gladly welcome your work. But please don't violate POLA, and please don't help to create a different set of user expectations that would cause users to get seriously hurt if/when they're on another OS. -- Brad Knowles, "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. SAGE member since 1995. See for more info.