Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!snorkelwacker.mit.edu!hsdndev!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <2938:Dec1001:37:3690@kramden.acf.nyu.edu>
Date: 10 Dec 90 01:37:36 GMT
References: <18792@rpp386.cactus.org> <1990Dec8.184047.22221@mp.cs.niu.edu> <1990Dec09.043647.25826@iecc.cambridge.ma.us>
Organization: IR
Lines: 16

In article <1990Dec09.043647.25826@iecc.cambridge.ma.us> johnl@iecc.cambridge.ma.us (John R. Levine) writes:
> Does anyone really do quota accounting by the UID of the file?  Consider
> the following scenario: User A creates a large file.  User B links to it.
> User A then deletes the original link.  If you charge by uid, user A is
> charged for the file even though she has no control over it any more, and
> might not even be able to see that it exists, depending on B's directory
> protections.

That's not an argument against normal quota accounting. It's an argument
for a user to have better control over files he owns. Somewhere in my
BSD-extensions list is a destroy(fd) system call to eliminate all
references to a given file other than the current descriptor. There's
also openfuid()/readfuid()/closefuid() to walk through all files owned
by a given user/group/ACL/everybody/whatever in inode order.

---Dan