Re: Proposed changes to the policy (Was: My suggestions)
On Sat, Jun 26, 2004 at 09:43:46PM +0400, Victor Nazarov wrote:
> Peter Novodvorsky wrote:
> >I see no advantage of proposed scheme over the current one. If you
> >want completions for package names you can use zsh or bash with
> >completions and dont mess with apt-cache search. If you want to do
> >grep, you can do it by grepping Packages file or grep-dctrl.
> May be you are right, but I think packages require more organization anyway.
Yes, they do. If you are interested in helping, read about Debian Package
> Acls is not what I want. I just want to permit normal users to create
> groups. I don't think this is a filesystem feature, Unix filesystem and
> kernel provides per user permitions managment since the creation, the only
> barier is a minimalistic login tools with /etc/passwd, /etc/group files.
> My scheme is totally backward compatible, why not to implement it?
For one, it would be a nightmare to try to implement it securely, let alone
addressing the fact that it breaks fundamental assumptions about the UNIX
security model which are taken for granted in a great deal of software.
As a general rule, it is a good idea to first spend time learning the design
of the existing system, the reasons for it, and the costs involved in
changing it, before suggesting such sweeping changes. The "why not?"
approach doesn't work in something as large and complex as Debian.