Message-Id: <199910070032.RAA27559@scv3.apple.com>
To: Brian Somers
Subject: Re: Apple's planned appoach to permissions on movable filesystems
Cc: Pat Dirks, FreeBSD Hackers
In-Reply-To: "Your message of Tue, 05 Oct 1999 14:19:22 PDT." <199910052119.OAA24627@scv1.apple.com>
Date: Wed, 6 Oct 1999 17:32:33 -0700
From: Wilfredo Sanchez
Reply-To: wsanchez@apple.com

| I think the owner and group of the person that mounted the filesystem
| should be assigned to all files on that filesystem in FOREIGN mode.
| -u and -g switches should be permitted to modify these, the -u being
| restricted to root and the -g restricted to root or one of the groups
| to which you are a member.

And when you log out, and that disk is there when the next guy logs in, what happens? What if the media is inserted when nobody is logged in? Ignore it? Mount it as the next guy who logs in? There are pitfalls all around.

| I don't think it's a good idea to be able to identify the filesystem
| as being your own. It's too easy to introduce security problems that
| way. I'd suggest a default of FOREIGN and a root-only mount option
| for LOCAL - ie, root decides, nothing's automated.

Well, it's too easy if we can't figure out a safe way to do this, yes. I think we can, though.

Nothing automated... You will not enjoy Macintosh. :-) From the Core OS perspective, we would like to facilitate automation by the higher level tools like the Finder. We're in agreement that declaring a disk local is a privileged operation.

| And what uid/gid do new files get.... I can't say I like the idea of
| a magic ``nobody'' uid/gid.

"nobody" is used by NFS and has a different semantic. We'd need a different name. "unknown" is pretty clear, I think.

-Fred

--
Wilfredo Sanchez, wsanchez@apple.com
Apple Computer, Inc., Core Operating Systems / BSD
Technical Lead, Darwin Project
1 Infinite Loop, 302-4K, Cupertino, CA 95014
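The mount-time rule proposed in the quoted text (FOREIGN by default with the mounter's ids applied to every file, -u root-only, -g limited to root or the caller's own groups, LOCAL root-only), written out as an added sketch that is not part of the original message or of any FreeBSD or Apple code. All type and function names are hypothetical, and ignoring -u/-g in LOCAL mode is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <sys/types.h>

/* Hypothetical model of the proposal; not taken from any real mount code. */
enum fs_mode { FS_FOREIGN, FS_LOCAL };

struct mount_request {
    uid_t caller_uid;            /* user running the mount */
    gid_t caller_gid;            /* caller's primary group */
    const gid_t *caller_groups;  /* caller's supplementary groups */
    size_t ngroups;
    enum fs_mode mode;           /* proposed default: FS_FOREIGN */
    bool has_u; uid_t opt_u;     /* -u override, if given */
    bool has_g; gid_t opt_g;     /* -g override, if given */
};

struct owner { uid_t uid; gid_t gid; };

static bool in_groups(const struct mount_request *r, gid_t g)
{
    if (g == r->caller_gid)
        return true;
    for (size_t i = 0; i < r->ngroups; i++)
        if (r->caller_groups[i] == g)
            return true;
    return false;
}

/* Returns false if the request must be refused. On success, either
 * *use_disk_ids is true (LOCAL: trust on-disk ownership) or *out holds
 * the single owner shown for every file on the volume (FOREIGN). */
bool resolve_mount_owner(const struct mount_request *r,
                         struct owner *out, bool *use_disk_ids)
{
    bool is_root = (r->caller_uid == 0);

    if (r->mode == FS_LOCAL) {
        if (!is_root)
            return false;        /* declaring a disk local is privileged */
        *use_disk_ids = true;    /* assumption: -u/-g are ignored here */
        return true;
    }
    if (r->has_u && !is_root)
        return false;            /* -u restricted to root */
    if (r->has_g && !is_root && !in_groups(r, r->opt_g))
        return false;            /* -g: root, or a group the caller is in */
    *use_disk_ids = false;
    out->uid = r->has_u ? r->opt_u : r->caller_uid;
    out->gid = r->has_g ? r->opt_g : r->caller_gid;
    return true;
}
```

The sketch has no notion of a login session, so it leaves the questions raised in the reply (media inserted with nobody logged in, a disk still mounted at the next login) unanswered.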