Re: Differentiated writable permissions

To: debian-user mailing list <debian-user@lists.debian.org>
Subject: Re: Differentiated writable permissions
From: thib <thib@stammed.net>
Date: Fri, 04 Jun 2010 12:35:23 +0200
Message-id: <[🔎] 4C08D6EB.2000908@stammed.net>
In-reply-to: <[🔎] AANLkTimHz0arHuzOAk2cWedDFZB3itVoOu1uIFLbegf8@mail.gmail.com>
References: <[🔎] 20100603103918.GA14128@defiant.freesoftware> <[🔎] AANLkTimHz0arHuzOAk2cWedDFZB3itVoOu1uIFLbegf8@mail.gmail.com>

Anand Sivaram wrote:

I dont think you could do that in filesystem level, since when 'w'
permission is given the user could create both files and directories, but
without 'w' permission the user cant do both.  May be you could give
readonly permission to all directories except one where this user could
create any type of files including directories and normal files.

POSIX won't allow it, but another layer could (a virtual filesystem,mandatory access control systems, ...)

The reason nobody seems to care very much is that determining the file typeis very difficult to do reliably. Obviously filename extensions areuseless, but format signatures can also be easily faked. Even the human eyecan be fooled by some steganographic contents, and a directory structurecould take the form of an archive.

Restricting file types to a directory is just not something you usually do.But maybe there are special use cases.

-t

Reply to:

References:
- Differentiated writable permissions
  - From: Daniel Bareiro <daniel-listas@gmx.net>
- Re: Differentiated writable permissions
  - From: Anand Sivaram <aspnair@gmail.com>

Prev by Date: Re: I cannot write file onto samba share
Next by Date: BerkeleyTIP Join June Global Free SW HW Culture Mtgs via VOIP or in Berkeley
Previous by thread: Re: Differentiated writable permissions
Next by thread: Requesting Backports
Index(es):
- Date
- Thread