Currently, there are a number of checks in core which enforce a particular security policy.

I believe that core should endeavour to respect the security policy of the system administrator rather than trying to enforce a specific policy of its own.

I propose that the coding philosophy should be:
  *) When creating a file, do so with minimum permissions required
  *) When reading a file, open -> read -> close. Handle failure.

Essentially, if a file exists in the file system then core should respect its permissions.
It should not try to change them.
It should not refuse to work because the permissions differ to an expected set which is hardcoded.
It should not refuse to work because uid isn't that of file owner.


However, it may be useful for system administrators and packagers to know more about what permissions should be set. The appropriate place for this is the documentation. Probably in with file hierarchy and path handling generally.

It may also be useful to create a "Check permissions" tool.


Regards, Sheldon


_______________________________________________ Discuss-gnustep mailing list [email protected] http://lists.gnu.org/mailman/listinfo/discuss-gnustep
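The two rules proposed above (create with the minimum permissions required; open -> read -> close and handle failure, with no chmod and no owner check), as an added C example that is not part of Sheldon's post or of GNUstep core. The function names and the sample data are assumptions made up for this illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Close fd on an error path without clobbering the errno being reported. */
static int close_keep_errno(int fd) { int e = errno; close(fd); errno = e; return -1; }

/* Create `path` with the minimum permissions (owner read/write, 0600) and
 * write `data` into it.  O_EXCL refuses an existing file, so a file the
 * administrator already created keeps whatever permissions they chose.
 * Returns 0, or -1 with errno set for the caller to handle. */
int create_private_file(const char *path, const char *data, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
    if (fd < 0)
        return -1;
    for (size_t off = 0; off < len; ) {
        ssize_t n = write(fd, data + off, len - off);
        if (n < 0 && errno != EINTR)
            return close_keep_errno(fd);
        if (n > 0) off += (size_t)n;
    }
    return close(fd);
}

/* open -> read -> close.  The kernel enforces whatever mode and owner the
 * administrator set; there is no stat() to second-guess them, and failures
 * (EACCES, ENOENT, ...) are reported through errno rather than hidden.
 * Returns bytes read (at most `cap`), or -1 with errno set. */
ssize_t read_whole_file(const char *path, char *buf, size_t cap)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    size_t off = 0;
    while (off < cap) {
        ssize_t n = read(fd, buf + off, cap - off);
        if (n == 0)
            break;                          /* EOF */
        if (n < 0 && errno != EINTR)
            return close_keep_errno(fd);
        if (n > 0) off += (size_t)n;
    }
    close(fd);
    return (ssize_t)off;
}
```

The created file's mode is 0600 masked by the process umask, so the administrator's umask is still honoured rather than overridden.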
