[RFC] User Accessible Filesystem Hierarchy Standard

Jamethiel Knorth jamethknorth at hotmail.com
Sat Apr 10 14:57:24 UTC 2004


>Date: Wed, 7 Apr 2004 08:24:43 -0400
>From: Alan Cox <alan at redhat.com>
>
>On Wed, Apr 07, 2004 at 08:00:45AM -0400, Jamethiel Knorth wrote:
> > >"Other people fire shotguns at random without warning, let's all do that"
> >
> > More like, "People have a tendency to fire shotguns at random without
> > warning. Mayhaps we should expect them to."
>
>Which means stopping them from doing it without a lot of thought.

Certainly. And, requiring a root password for every install will cause 
people to think little of giving a root password. If most installs do not 
require a root password, those installs will require less thought, but they 
will also be incapable of harming the root system and side-effects will be 
less catastrophic.

Of course, even without this, any malware can install without a root 
password. It merely installs to the home directory and it has every bit as 
much influence as a program under this proposal would have. However, if a 
root password is required to affect the core system, but not to do a common 
install, any malware which affects the root system will have a much harder 
time tricking people, as they will not be adjusted to seeing a request for 
the root password.

Also, in a home desktop situation, the owner of the computer can easily 
allow other people to install programs without risking them leaving the 
system FUBAR.

> > The 10,000 private installations can be solved by a decent package
> > management system which will notify the administrator of multiple
> > installations. This system will also make it more likely an administrator
>
>You've never run a large student system have you 8)

Okay, let me see. Step 1, quota home-dir space. Now, if people want to 
install stuff, they may run out of space. They can choose between storage 
space and program space at their leisure. No step 2 required for this plan to 
work.

Now, a really nice package manager which is tracking all the various user 
databases could pop-up a notification to the sys-admin saying, "8000 users 
have program X installed!" The sys-admin, getting this useful message can 
then say, "Hmmm, maybe people want to use that program, I'll see about 
installing it properly and giving them all messages that there is now a 
central install," or "Who cares what they do with their private space! Never 
show this message again!"

And, if users are not allowed to install programs, their home-directories 
can be prevented from containing executable files.

> > which is currently rather lacking. The last time I ran into a group
> > project, the sharing of stuff was so much trouble, people decided to just
> > share out massive swaths of their home directories and hope no-one else
> > messed with them.
>
>ACLS fix most of this. With basic unix permissions you basically need an
>admin to set it up otherwise.

ACLS do fix this, I have heard many times. I have no doubt of that, and that 
is great. The problem still remains that there needs to be a place to put 
the shared information. Having a standardized way to handle group 
directories would help with this. Right now, basically any distribution on 
any architecture can handle home directories from any other setup because 
they're basically standard. Sure, the existence of /home/ isn't actually 
required, but everyone uses it that way.

Having a standard for the way these things are done would allow third-party 
programs to more easily target mixed environments and multiple platforms.

Further, I haven't seen an incredibly easy way to manage ACLS. The nice 
thing about a directory-based system is that File-Managers are extremely well 
developed and powerful tools. If the problem can be solved with simple 
tools, complex tools should be avoided. Obviously, if the simple tools 
genuinely will not work, they should not be used. However, I see no reason 
that these simpler tools will not work.

Also, this standard does other things.

It creates a standard place for users to put their own programs, when 
currently it is something decided by users at random. Some people seem to 
think that doing a private installation of a program should be a privilege 
of the geek elite. I strongly disagree with this. There is no reason to 
split users into groups like this, into the unskilled and the skilled. I am 
strongly in favor of empowering users.

The other thing this does is organize where configuration files are put. 
Once the next draft is put up, it will even properly support having multiple 
sets of configuration files, such that a user can actually have working 
configurations for multiple distributions in one home directory. As this 
currently doesn't work properly (I am told this, but do not know 
personally), this is a major step forward.

My apologies for the tardy reply.
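
The multiple-install notification described in the message above, as an added example that is not part of the original post: it counts how many home directories hold a private copy of each executable and how many distinct builds exist. The `programs` directory name, the function names and the sample homes are assumptions constructed for illustration.

```python
import hashlib
import os
import stat
from collections import defaultdict

# Assumption: private installs live in <home>/programs (hypothetical name, not from the thread).
PROGRAM_DIR = "programs"


def user_executables(home):
    """Yield (name, sha256) for each regular executable file in a user's program dir."""
    for dirpath, _dirs, files in os.walk(os.path.join(home, PROGRAM_DIR)):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode  # lstat: symlinks are skipped, not followed
                if not stat.S_ISREG(mode) or not mode & 0o111:
                    continue
                with open(path, "rb") as fh:
                    yield name, hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # file vanished or is unreadable; skip it


def widely_installed(homes_root, threshold):
    """Return {program: (user_count, distinct_builds)} for programs in >= threshold homes."""
    users, builds = defaultdict(set), defaultdict(set)
    for user in sorted(os.listdir(homes_root)):
        home = os.path.join(homes_root, user)
        if os.path.islink(home) or not os.path.isdir(home):
            continue
        for name, digest in user_executables(home):
            users[name].add(user)
            builds[name].add(digest)
    return {n: (len(u), len(builds[n])) for n, u in users.items() if len(u) >= threshold}


def build_sample_homes(root):
    """Constructed sample data: three homes, two holding different builds of 'progx'."""
    layout = {"alice": {"progx": (b"v1", 0o755)},
              "bob": {"progx": (b"v2", 0o755), "notes.txt": (b"hi", 0o644)},
              "carol": {"tool": (b"t", 0o700)}}
    for user, files in layout.items():
        os.makedirs(os.path.join(root, user, PROGRAM_DIR))
        for name, (data, mode) in files.items():
            path = os.path.join(root, user, PROGRAM_DIR, name)
            with open(path, "wb") as fh:
                fh.write(data)
            os.chmod(path, mode)
```

A distinct-build count above one means users are running different copies under the same name, which is the case an administrator would most want to replace with a single central install.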
