From owner-freebsd-arch@FreeBSD.ORG Thu Oct 30 19:34:48 2008 Return-Path: Delivered-To: freebsd-arch@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 82381106567C for ; Thu, 30 Oct 2008 19:34:48 +0000 (UTC) (envelope-from cokane@FreeBSD.org) Received: from mail-out1.fuse.net (mail-out1.fuse.net [216.68.8.175]) by mx1.freebsd.org (Postfix) with ESMTP id 3EEC98FC0C for ; Thu, 30 Oct 2008 19:34:48 +0000 (UTC) (envelope-from cokane@FreeBSD.org) X-CNFS-Analysis: v=1.0 c=1 a=HEtvVF8Ib6cA:10 a=LkYvsgB9u1MH7Ao0BLhsLg==:17 a=zejqw3Mb-gFYugGNjTUA:9 a=S-Lg8KyUXhfDS742mJkA:7 a=kTM-z_S4bKLhI82u_LVG-ar5zoQA:4 a=LY0hPdMaydYA:10 a=BTCFpo_HUj46I554w5sA:9 a=7IbvXM9PnK2CwTaX_7wQ21diqS4A:4 a=rPt6xJ-oxjAA:10 X-CM-Score: 0 X-Scanned-by: Cloudmark Authority Engine Received: from [74.215.227.9] ([74.215.227.9:50649] helo=mail.cokane.org) by mail-out1.fuse.net (ecelerity 2.1.1.22 r(17669)) with ESMTP id 05/FF-12734-2D80A094 for ; Thu, 30 Oct 2008 15:19:46 -0400 Received: by mail.cokane.org (Postfix, from userid 103) id 4D48D35A7D5; Thu, 30 Oct 2008 15:19:46 -0400 (EDT) X-Spam-Checker-Version: SpamAssassin 3.1.8-gr1 (2007-02-13) on discordia X-Spam-Level: X-Spam-Status: No, score=-3.6 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DNS_FROM_SECURITYSAGE autolearn=no version=3.1.8-gr1 Received: from [172.31.1.6] (unknown [172.31.1.6]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.cokane.org (Postfix) with ESMTP id 215C035A7D4; Thu, 30 Oct 2008 15:19:40 -0400 (EDT) From: Coleman Kane To: David Schultz In-Reply-To: <20081028161855.GA45129@zim.MIT.EDU> References: <20081027193545.GA95872@pin.if.uz.zgora.pl> <20081028161855.GA45129@zim.MIT.EDU> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-OAYazdp9h5URcUpJ2YAl" Organization: FreeBSD Project Date: Thu, 30 Oct 2008 15:16:54 -0400 Message-Id: <1225394214.5610.6.camel@localhost> Mime-Version: 1.0 X-Mailer: Evolution 2.22.3.1 FreeBSD GNOME Team Port Cc: Edward Tomasz Napierala , freebsd-arch@FreeBSD.ORG Subject: Re: Directory rename semantics. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Oct 2008 19:34:48 -0000 --=-OAYazdp9h5URcUpJ2YAl Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Tue, 2008-10-28 at 12:18 -0400, David Schultz wrote: > On Mon, Oct 27, 2008, Edward Tomasz Napierala wrote: > > Let's say we have two directories, "A/" and "B/". We also have a > > file, "A/F". To remove that file, we need write access to "A/". > > To move that file to "B/", we need write access to both "A/" and > > "B/". Now, assume we have a directory, "A/D". To remove that > > directory, we need write access to "A/". To move that directory > > to "B/", we need write access to "A/", "B/", _and "A/D"_. > >=20 > > I'd like to remove the last check (requirement to have write access > > to a directory we want to move somewhere else). Reason for this > > is that it doesn't seem very logical, and many systems - including > > SunOS, and our ZFS - behave differently. In other words, we have > > different semantics on UFS and ZFS. >=20 > No comment on other operating systems or standards, but I wanted > to point out that there is some logic to FreeBSD's present behavior: > When you move A/D, you must be able to write to D, because you are > modifying D's ".." entry to point to B instead of A. >=20 > >From a practical point of view, I think either behavior is fine, > but we should consider whether any security-critical applications > rely on the current behavior before changing it. I was always mystified by the reason for this behavior until now... As for my input, I think the change sounds fine (perhaps allowing revert to old behavior via a sysctl). --=20 Coleman Kane --=-OAYazdp9h5URcUpJ2YAl Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEUEABECAAYFAkkKCCIACgkQcMSxQcXat5fmygCXZqwgMnp9NvJjhOt1sn/gXfGP EQCfekwNaPCCSePdMfDxOOgpQr1b4WY= =HMe3 -----END PGP SIGNATURE----- --=-OAYazdp9h5URcUpJ2YAl--