Triple Entendre (triple_entendre) wrote,

With your permission

So many misconfigurations, random failures, data losses, or mysterious bugs could be mitigated by one simple feature, which I propose should be intrinsic to a filesystem: a flag for whether or not a folder can be altered by automated processes. Really what I'd like to get to is to be able to distinguish things that happen because of a command I typed in (my direct intentions), a side effect of a command I typed in, and things a computer software agent is doing on my behalf, and allow or disallow these per-folder.

Right now this can be done by agents designed for it if they deliberately run without root privileges and fail noisily enough when they can't do something as a result. But I'd like to be able to cause this behavior in something that isn't designed for it. The middle case is addressed by things like bash's 'noclobber'. Hmm, maybe make it owned by root, but with permissions d---rwx--- and owned by a special group? And conversely, folders owned by user 'nobody', group 'interactive-user', and permissions drwx---rwx?
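The two permission layouts floated above can be checked against the standard POSIX rule that exactly one class (owner, then group, then other) is consulted per access. The sketch below is an added example, not part of the original post; it assumes the "special group" in the first layout is the same 'interactive-user' group, and the process names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Dir:
    owner: str
    group: str
    mode: int  # permission bits only, e.g. 0o070 for d---rwx---

@dataclass(frozen=True)
class Proc:
    user: str
    groups: frozenset

def allowed(p: Proc, d: Dir, want: int = 0o7) -> bool:
    """POSIX class selection: the first matching class decides, no fall-through."""
    if p.user == "root":
        return True  # root bypasses directory mode bits entirely
    if p.user == d.owner:
        bits = (d.mode >> 6) & 7
    elif d.group in p.groups:
        bits = (d.mode >> 3) & 7
    else:
        bits = d.mode & 7
    return bits & want == want

# Layouts from the post (group name for the first one is an assumption).
HUMAN_ONLY = Dir("root", "interactive-user", 0o070)    # d---rwx---
AGENT_ONLY = Dir("nobody", "interactive-user", 0o707)  # drwx---rwx

# Constructed sample processes.
humans = frozenset({"alice", "interactive-user"})
PROCS = {
    "alice typing in a shell": Proc("alice", humans),
    # A scheduled job running as alice with her groups has identical credentials.
    "alice's scheduled job": Proc("alice", humans),
    "backup daemon": Proc("backup", frozenset({"backup"})),
    "daemon running as nobody": Proc("nobody", frozenset({"nogroup"})),
    "agent running as root": Proc("root", frozenset({"root"})),
}

def matrix() -> dict:
    """Map each process to (can alter HUMAN_ONLY, can alter AGENT_ONLY)."""
    return {n: (allowed(p, HUMAN_ONLY), allowed(p, AGENT_ONLY))
            for n, p in PROCS.items()}

if __name__ == "__main__":
    for name, (h, a) in matrix().items():
        print(f"{name:26} human-only={h!s:5} agent-only={a}")
```

The mode bits separate unprivileged daemons from members of the group, but they cannot tell a typed command from a job running under the same user and groups, and they do not restrain anything running as root.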

I think Gödel's Incompleteness applies here somewhere. I'll have to do some experimenting.

Note that my scheme would mandate two sorts of /tmp folder: one that the system uses, and one that a user can manipulate.

It would be interesting to have a way of encoding *why* some filesystem permission is not granted.