Extended attribute interfaces

Andreas Gruenbacher ag at bestbits.at
Thu Sep 21 19:34:42 GMT 2000


On Thu, 21 Sep 2000, Casey Schaufler wrote:

> Andreas Gruenbacher wrote:
> 
> > Having write access to a device
> > special file should not also give you write access to extended user
> > attributes of that file I think. One also never gets write access to the
> > special file itself but only to the device it refers to. Correct?
> 
> Oh goody, I've been invited to pontificate on access policy!

At least nobody has asked you to sign anything  :-)

> [...]
>
> To keep with traditional policy, user extended attributes
> may be treated either as data or as attributes, but the
> behavior should be consistent with that choice.

I think extended user attributes (the un-prefixed category at the moment)
should be treated like file contents. I'm thinking of user attributes like
mime type and indexing keywords, which are related to the contents.

Say you have a read-only file system with a character device special file
on it. The device special file is read/write to everyone, so though the
file system is read only the device is read/write. The file mode
permission bits apply to the device, not the device special file inode.

Along that argument, the file mode permission bits also cannot determine
permissions for the inode's extended user attributes.

Choices would be to disallow extended user attributes for special files
altogether, or treat them like the "!attributes" category you have
proposed. Maybe disallowing them is the proper thing to do.


Andreas

------------------------------------------------------------------------
 Andreas Gruenbacher, a.gruenbacher at computer.org
 Contact information: http://www.bestbits.at/~ag/
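
The read-only file system case from the message above, modelled as an added example that is not part of the original post or of any kernel's code. All names (`node_type`, `special_policy`, the two check functions) are hypothetical, and only the "other" write bit is modelled, as an assumption to keep the model small.

```c
#include <errno.h>
#include <stdio.h>

enum node_type { NODE_REG, NODE_DIR, NODE_CHR };   /* hypothetical inode kinds */
enum special_policy {
    MODE_BITS_EVERYWHERE,   /* mode bits gate user attributes on every inode */
    DENY_ON_SPECIAL         /* no user attributes on special files at all */
};

#define OTHER_WRITE 0002u   /* "other" class write bit */

/* Write through the node. For a device the data lives behind the driver,
 * so a read-only file system does not stand in the way. */
int data_write_check(enum node_type t, unsigned perm, int fs_readonly)
{
    if (!(perm & OTHER_WRITE))
        return -EACCES;
    if (fs_readonly && t != NODE_CHR)
        return -EROFS;
    return 0;
}

/* Write a user extended attribute. This always modifies the inode itself,
 * whatever the node refers to. */
int user_xattr_write_check(enum node_type t, unsigned perm, int fs_readonly,
                           enum special_policy p)
{
    if (fs_readonly)
        return -EROFS;
    if (p == DENY_ON_SPECIAL && t == NODE_CHR)
        return -EPERM;
    return (perm & OTHER_WRITE) ? 0 : -EACCES;
}

int main(void)
{
    /* Constructed case: world-writable character device, mode 0666. */
    printf("device data write, ro fs:     %d\n",
           data_write_check(NODE_CHR, 0666, 1));
    printf("xattr write, ro fs:           %d\n",
           user_xattr_write_check(NODE_CHR, 0666, 1, MODE_BITS_EVERYWHERE));
    printf("xattr write, rw fs, by mode:  %d\n",
           user_xattr_write_check(NODE_CHR, 0666, 0, MODE_BITS_EVERYWHERE));
    printf("xattr write, rw fs, denied:   %d\n",
           user_xattr_write_check(NODE_CHR, 0666, 0, DENY_ON_SPECIAL));
    return 0;
}
```

Under `MODE_BITS_EVERYWHERE` the 0666 mode that was set to grant access to the device also grants every user write access to the inode's user attributes on a writable file system; `DENY_ON_SPECIAL` removes that side effect.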
