[RFC] User Accesable Filesystem Hierarchy Standard

Gary L Greene Jr greeneg at student.gvsu.edu
Wed Mar 31 19:47:59 UTC 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Saturday 27 March 2004 06:05 pm, Robert Marcano wrote:
> On Sat, 2004-03-27 at 18:34, Gary L Greene Jr wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> >
> > This is a proposal for a standard to accommodate the accessibility of the
> > filesystem by end-users. We request discussion on this as a new standard.
> > The URL to get to the document is:
> >
> > http://www.csis.gvsu.edu/~abreschm/uafhs/
>
> I am sure that the filesystem can be arranged in order to make it more
> easy to use to the desktop user, Your ideas of a shared directory is
> nice, but letting the user "Easily install software without escalating
> their privileges" is something that I don't like. The only way that I
> like a shared directory is if it is mounted from a filesystem with the
> "noexec" flag.
>
> I think that the software installation can be made easy with the help of
> a better "Add/Remove Programs", and the security aspect could be
> enhanced with the help of a SELinux policy for this program(s) (I am not
> an expert in SELinux, so I could be wrong)

The problem with adding software installation only through the root
directories is that you still need to have root privileges to install a
program. This proposal is to allow people to install programs, but not as
root. This adds no new abilities. None. It just makes it easier. Already,
people can install any program in their home directory, it is just a lot of
hassle. This is just a way to organize it.

The purpose is for home installation. Here is a sample setup: I have a
computer used by four people. I own it and want to run it. I want to allow
the other people to install programs without asking me. This lets them do
installations without needing to be root.

This doesn't pose a security issue because the programs installed thus do not
have higher privileges than those of the user that installed them.

This will in fact improve security on many home installations because users
will not need to be constantly entering their root password and will be less
likely to just turn the root password off.

Also, note that this is not intended for server installs, as is stated in the
proposal.

Thank you for the feedback.

> > I am a member of the Ark Linux team, who is interested in seeing the
> > Linux desktop become a viable option. I apologize for the cross-posting.
> >
> > - --
> > Gary L. Greene, Jr.
>
> --
> Robert Marcano

- --
Gary L. Greene, Jr.
Sent from uriel.gvsu.edu
  6:25pm  up   5:40,  5 users,  load average: 0.71, 0.42, 0.29
============================================================
Volunteer developer for the Ark Linux Project
 check out http://www.arklinux.org/ for more info.
 Also http://www.csis.gvsu.edu/~greeneg/
PHONE : (616) 331-0849
EMAIL : greeneg at arklinux.org
============================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAayBvrTQE7CqFxs8RAqQNAJ9zrz3coew32N+jP2gMsFMR2G8PtwCggtPM
reoC6fuUAgfI0FXG/nNFFyw=
=AJyS
-----END PGP SIGNATURE-----

More information about the fedora-devel-list mailing list