Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 6 Oct 1999 17:32:33 -0700
From:      Wilfredo Sanchez <wsanchez@apple.com>
To:        Brian Somers <brian@Awfulhak.org>
Cc:        Pat Dirks <pwd@apple.com>, FreeBSD Hackers <FreeBSD-Hackers@freebsd.org>
Subject:   Re: Apple's planned appoach to permissions on movable filesystems
Message-ID:  <199910070032.RAA27559@scv3.apple.com>
In-Reply-To: "Your message of Tue, 05 Oct 1999 14:19:22 PDT."<199910052119.OAA24627@scv1.apple.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
| I think the owner and group of the person that mounted the filesystem  
| should be assigned to all files on that filesystem in FOREIGN mode.   
| -u and -g switches should be permitted to modify these, the -u being  
| restricted to root and the -g restricted to root or one of the groups  
| to which you are a member.

  And when you log out, and that disk is there when the next guy  
logs in, what happens?  What if the media is inserted when nobody is  
logged in?  Ignore it?  Mount it as the next guy who logs in?  There  
are pitfalls all around.

| I don't think it's a good idea to be able to identify the filesystem  
| as being your own.  It's too easy to introduce security problems that  
| way.  I'd suggest a default of FOREIGN and a root-only mount option  
| for LOCAL - ie, root decides, nothing's automated.

  We it's too easy if we can't figure out a safe way to do this,  
yes.  I think we can, though.

  Nothing automated...  You will not  enjoy Macintosh.  :-)

  From the Core OS perspective, we would like to facilitate  
automation by the higher level tools like the Finder.  We're in  
agreement that declaring a disk local is a priveledged operation.

| And what uid/gid do new files get....  I can't say I like the idea of  
| a magic ``nobody'' uid/gid.

  "nobody" is used by NFS as has a different semantic.  We'd need a  
different name.

  "unknown" is pretty clear, I think.

	-Fred


--
       Wilfredo Sanchez, wsanchez@apple.com
Apple Computer, Inc., Core Operating Systems / BSD
          Technical Lead, Darwin Project
   1 Infinite Loop, 302-4K, Cupertino, CA 95014



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910070032.RAA27559>