On Tue, 05 Jul 2005 22:51:07 -0400, Horst von Brand <[EMAIL PROTECTED]> said:
> Hubert Chan <[EMAIL PROTECTED]> wrote: >> On Fri, 01 Jul 2005 03:41:00 -0400, Chet Hosey <[EMAIL PROTECTED]> >> said: >> > Horst von Brand wrote: >> >> And who says that a normal user isn't allowed to annotate each and >> >> every file with its purpose or something else? >> Explain how you currently allow users to annotate arbitrary files. > By keeping annotations /outside/ the files. So if I want to share annotations, I have to look in 20 different places? > [...] >> The situation is even better with file-as-dir. If the administrator >> wants to allow users to edit the description metadata for the file >> foo, the administrator can set the appropriate permissions for >> foo/.../description, and keep foo read-only. > So now root is responsible in exquisite detail for random other users > being able to keep info about my files? I can grant people permissions to write random info into my own files. Or they can use unionfs if I don't grant them permissions. Remember: the above argument was citing an advantage of file-as-dir over packed files (storing metadata as a tar or zip file, similar to what OpenOffice.org does, or even something like exif or id3). In a packed file, I can't allow people to edit the description attribute without allowing them to edit the entire file. With file-as-dir, I get much finer grained permissions. > [...] >> Actually, you could use something like unionfs to allow users to keep >> their own annotations without affecting everyone else's. > Again, root has to mount that stuff for each and every user? suid program that allows union mount into a directory within my own tree (or just into any directory that I have write permissions should be sufficiently secure). -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
