|| ||Miklos Szeredi <miklos-AT-szeredi.hu>|
|| ||Re: [RFC] FUSE permission modell (Was: fuse review bits)|
|| ||Tue, 12 Apr 2005 18:31:06 +0200|
|| ||7eggert-AT-gmx.de, linux-fsdevel-AT-vger.kernel.org,
linux-kernel-AT-vger.kernel.org, hch-AT-infradead.org, akpm-AT-osdl.org,
> > I can accept that usually you are not interested in the stored
> > uid/gid. But doubt that you want to lose permission information when
> > you mount a tar file. Zip is a different kettle of fish since that
> > doesn't contain uid/gid/permissions.
> It's not about being not interested.
> It's because I'd want my programs, and other users, to have exactly
> the same access to the tgz contents through vfs as they have when
> accessing the tgz file directly.
OK, that makes sense, and it should be an option.
> Not some baroque combination of unobvious hard-coded permission
> rules, that aren't even visible through stat(), and which both
> increase permissions for the user and decrease it for others at the
> same time.
I look at it differently. I want the tar filesystem to be analogous
to running tar. When I run tar, other users are not notified of the
output, it's only for me. If they want to run tar, they can too.
The same can be true for tarfs. I mount it for my purpose, others can
mount it for theirs. Since the daemon providing the filesystem asways
runs with the same capabilities as the user who did the mount, I and
others will always get the permissions that we have on the actual tar
The end result in permission rules is the _same_ as with your
proposal. There's nothing baroque in it.
Think of the "no permission for others" as "hiding", not as some
special permission rule. And if this hiding can be nicely done with
namespaces, all the better, I'll happily drop this feature at that
> I see why you may want to hide certain things from other users
> sometimes - the sshfs example is a good one. I daresay Al Viro could
> come up with a per-user or per-keyring mount point for those occasions :)
Yeah, maybe that's something worth exploring.
to post comments)