Re: OT: folder guards????
Re: OT: folder guards????
- Subject: Re: OT: folder guards????
- From: Ryan Britton <email@hidden>
- Date: Fri, 28 Apr 2006 12:04:15 -0700
How about using the BSD attribute SF_IMMUTABLE?
On Apr 28, 2006, at 10:31 AM, Ondra Cada wrote:
Matt,
On 28.4.2006, at 19:15, Matt Gough wrote:
Nope. This is covered nicely by the users and access rights. I
would like give the user ability to prevent *himself* from
writing to a folder.
So can't they just set their own access rights on the guarded
folder to Read-Only? Works for me here. Things have to
authenticate to add to such folders.
(i) a malicious (or even over-enthusiastic) software writer can
programmatically switch that off without you noticing. He even can
then return the original setting for your convenience :) (And this
of course applies to Folder Actions as well).
(ii) if this does not happen and the attempt to write there fails,
you (a) may not even know of it (depending on the way the app
chooses to report errors), (b) even if informed, you have no easy
way of authorising the attempt (re-launch the app and re-do all
what you have done before? Ick!)
The idea of "folder guard" is that -- for (i) above -- the
appropriate low-level implementation would ensure the very
switching off could not be unnoticed by user (unless he, of course,
authorised the app to run admin, in which case there can never be
any reliable guard at all). Also -- for (ii) above -- the idea is
that the "culprit" application gets any error only after you, the
user, have chosen not to authorise the request. OTOH, if you did
that, it would only find the request took a long time, but it would
be granted the very normal way.
Of course there are alternative ways to implement that, say, by
creating another user account, and make "guarded" folders owned by
it (using then ACLs rather than plain unix rights, so as they can
be inheritable, but that's implementation detail). Perhaps this
actually could be the ideal implementation of the "folder guard"
feature I am musing about... or perhaps might not, for I somewhat
suspect that adding a support for "ask-the-user-and-authorise-the-
action-if-he-says-so-and-fail-it-otherwise" might be perhaps
considerably easier using Kauth than using ACLs.
Am not sure at all: that was why I have asked for your opinions :)
---
Ondra Čada
OCSoftware: email@hidden http://www.ocs.cz
private email@hidden http://www.ocs.cz/oc
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden