• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: OT: folder guards????
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OT: folder guards????

  • Subject: Re: OT: folder guards????
  • From: Ondra Cada <email@hidden>
  • Date: Fri, 28 Apr 2006 19:31:26 +0200
Matt,

On 28.4.2006, at 19:15, Matt Gough wrote:

Nope. This is covered nicely by the users and access rights. I would like give the user ability to prevent *himself* from writing to a folder.

So can't they just set their own access rights on the guarded folder to Read-Only? Works for me here. Things have to authenticate to add to such folders.

(i) a malicious (or even over-enthusiastic) software writer can programmatically switch that off without you noticing. He even can then return the original setting for your convenience :) (And this of course applies to Folder Actions as well).

(ii) if this does not happen and the attempt to write there fails, you (a) may not even know of it (depending on the way the app chooses to report errors), (b) even if informed, you have no easy way of authorising the attempt (re-launch the app and re-do all what you have done before? Ick!)

The idea of "folder guard" is that -- for (i) above -- the appropriate low-level implementation would ensure the very switching off could not be unnoticed by user (unless he, of course, authorised the app to run admin, in which case there can never be any reliable guard at all). Also -- for (ii) above -- the idea is that the "culprit" application gets any error only after you, the user, have chosen not to authorise the request. OTOH, if you did that, it would only find the request took a long time, but it would be granted the very normal way.

Of course there are alternative ways to implement that, say, by creating another user account, and make "guarded" folders owned by it (using then ACLs rather than plain unix rights, so as they can be inheritable, but that's implementation detail). Perhaps this actually could be the ideal implementation of the "folder guard" feature I am musing about... or perhaps might not, for I somewhat suspect that adding a support for "ask-the-user-and-authorise-the-action-if-he- says-so-and-fail-it-otherwise" might be perhaps considerably easier using Kauth than using ACLs.

Am not sure at all: that was why I have asked for your opinions :)
---
Ondra Čada
OCSoftware:     email@hidden               http://www.ocs.cz
private         email@hidden             http://www.ocs.cz/oc


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: OT: folder guards????

      • From: Ryan Britton <email@hidden>
      • 





References: 


 >Re: OT: folder guards???? (From: Will Mason <email@hidden>)


 >Re: OT: folder guards???? (From: Ondra Cada <email@hidden>)


 >Re: OT: folder guards???? (From: Matt Gough <email@hidden>)






    

  • Prev by Date:
Re: What kind of network protocol used by "Shared Printer/Fax"

    • 

  • Next by Date:
Re: How to retrieve currencies list

    • 

  • Previous by thread:
Re: OT: folder guards????

    • 

  • Next by thread:
Re: OT: folder guards????

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •