[RFC] User Accesable Filesystem Hierarchy Standard
Jamethiel Knorth
jamethknorth at hotmail.com
Sat Apr 10 14:57:24 UTC 2004
>Date: Wed, 7 Apr 2004 08:24:43 -0400
>From: Alan Cox <alan at redhat.com>
>
>On Wed, Apr 07, 2004 at 08:00:45AM -0400, Jamethiel Knorth wrote:
> > >"Other people fire shotguns at random without warning, lets all do
>that"
> >
> > More like, "People have a tendency to fire shotguns at random without
> > warning. Mayhaps we should expect them to."
>
>Which means stopping them from doing it without a lot of thought.
Certainly. And, requiring a root password for every install will cause
people to think little of giving a root password. If most installs do not
require a root password, those installs will require less thought, but they
will also be incapable of harming the root system and side-effects will be
less catastrophic.
Of course, even without this, any malware can install without a root
password. It merely installs to the home directory and it has every bit as
much influence as a program under this proposal would have. However, if a
root password is required to affect the core system, but not to do a common
install, any malware which affects the root system will have a much harder
time tricking people, as they will not be adjusted to seeing a request for
the root password.
Also, in a home desktop situation, the owner of the computer can easily
allow other people to install programs without risking them leaving the
system FUBAR.
> > The 10,000 private installations can be solved by a decent package
> > management system which will notify the administrator of multiple
> > installations. This system will also make it more likely an
>administrator
>
>You've never run a large student system have you 8)
Okay, let me see. Step 1, quota home-dir space. Now, if people want to
install stuff, they may run out of space. They can choose between storage
space in program space at their leisure. No step 2 required for this plan to
work.
Now, a really nice package manager which is tracking all the various user
databases could pop-up a notification to the sys-admin saying, "8000 users
have program X installed!" The sys-admin, getting this useful message can
then say, "Hmmm, maybe people want to use that program, I'll see about
installing it properly and giving them all messages that there is now a
central install," or "Who cares what they do with their private space! Never
show this message again!"
And, if users are not allowed to install programs, their home-directories
can be prevented from containing executable files.
> > which is currently rather lacking. The last time I ran into a group
> > project, the sharing of stuff was so much trouble, people decided to
>just
> > share out massive swaths of their home directories and hope no-one else
> > messed with them.
>
>ACLS fix most of this. With basic unix permissions you basically need an
>admin to set it up otherwise.
ACLS do fix this, I have heard many times. I have no doubt of that, and that
is great. The problem still remains that there needs to be a place to put
the shared information. Having a standardized way to handle group
directories would help with this. Right now, basically any distribution on
any architecture can handle home directories from any other setup because
they're basically standard. Sure, the existence of /home/ isn't actually
required, but everyone uses it that way.
Having a standard for the way these things are done would allow third-party
programs to more easily target mixed environments and multiple platforms.
Further, I haven't seen an incredibly easy way to manage ACLS. The nice
thing about a directory-base system is that File-Managers are extremely well
developed and powerful tools. If the problem can be solved with simple
tools, complex tools should be avoided. Obviously, if the simple tools
genuinely will not work, they should not be used. However, I see no reason
that these simpler tools will not work.
Also, this standard does other things.
It creates a standard place for users to put their own programs, when
currently it is something decided by users at random. Some people seem to
think that doing a private installation of a program should be a privilege
of the geek elite. I strongly disagree with this. There is no reason to
split users into groups like this, into the unskilled and the skilled. I am
strongly in favor of empowering users.
The other thing this does is organizes where configuration files are put.
Once the next draft is put up, it will even properly support having multiple
sets of configuration files, such that a user can actually have working
configurations for multiple distributions in one home directory. As this
currently doesn't work properly (I am told this, but do not know
personally), this is a major step forward.
My apologies for the tardy reply.
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar get it now!
http://toolbar.msn.com/go/onm00200415ave/direct/01/
More information about the fedora-devel-list
mailing list