Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!amdcad!weitek!aimt!breck From: breck@aimt.UU.NET (Robert Breckinridge Beatie) Newsgroups: comp.unix.questions Subject: Re: File Write Permission Rules Summary: What would "remove" permission on a file mean? Keywords: file write permission rules Message-ID: <2903@aimt.UU.NET> Date: 15 Feb 89 20:50:10 GMT References: <306@wubios.wustl.edu> <9627@smoke.BRL.MIL> <502@maxim.ERBE.SE> Organization: AIM Technology, Santa Clara, CA Lines: 49 In article <502@maxim.ERBE.SE>, prc@maxim.ERBE.SE (Robert Claeson) writes: > In article <306@wubios.wustl.edu> david@wubios.wustl.edu (David J. Camp) writes: > >My question is: What is the (historical or otherwise) justification for > >this rule? It seems wrong. I would have required write permission to > >the file itself in order that it be removed. ... > I think that what David meant is that it would make more sense to let > all objects in the file system have its own attributes, instead of > relying on the directory permissions for some things. And I agree -- > it certainly makes more sense to have a "delete" attribute on a file, > which must be set in order for me to remove it. And I'd like to add > an "append" attribute to the list. How would this "delete" attribute affect files with multiple links? No acceptable meaning springs directly to mind. It seems that there are two possibilities: 1) the "delete" attribute applies on every unlink operation. 2) the "delete" attribute applies only on the "last" unlink operation. Even if (2) is the accepted meaning, the "last" link to be severed may not be the original link to the file. So if I create a link in my home directory to a file owned by another uid, I might not be able to delete that link when I'm done with it. I'd have to ask the owner to delete a file in my directory. And perhaps I don't have "search" permissions turned on for that user in one or more of the link's parent directories. I suppose another possiblity would be to associate some more information with a link. Perhaps a count of the links that already connect to the file when the new link is created. Then the delete permission would apply only to the link whose "link-count" is zero. I suppose that would work, but it violates the principle that all links to a file are created equal. Besides, where would you put this extra information. (Of course this is not a problem for symbolic links.) The "append" attribute is interesting. But how often do you really want to allow a person to "append" to a file but not "write" to it. Or the opposite. Would you let the file owner specify "write" permission, but not "append"? And would that prohibit, not just opening for "append", but opening for "write" and then seeking to the end of file and writing? Or for that matter would it prohibit starting at the beginning of the file and then writing past the end of the file? As I said, I think the "append" attribute is an interesting idea. I'm just not sure how often I'd want to allow append permission and not write permission (or vice versa). As for the "delete" attribute, I really don't think it's a good idea. -- Breck Beatie (408)748-8649 {uunet,ames!coherent}!aimt!breck OR breck@aimt.uu.net "Sloppy as hell Little Father. You've embarassed me no end."