On Fri, Sep 03, 2010 at 09:24:07AM -0700, Chris Palmer wrote: > You can also tunnel HTTPS in GPG-encrypted email, but you don't. That is > backwards. You make a FUSE filesystem, mount it, and if for some reason you > want to unnecessarily access it via SFTP instead of using it as the > distributed filesystem it is, you use sftp(1) like normal.
It's worth thinking about the most fundamental abstraction, and I think FUSE is probably more it than SFTP. And you should consider what API you want to support. One of the reasons writing stackable file systems is so hard is that the API (at least on BSD) was very complicated - I tried to get TCFS to work a long time ago and it was a nightmare. Kinda OT, but in the kernel itself, it turns out that you can actually implement all the file-system related system calls with mmap; nothing else is techically necessary, so the entire kernel API could be much simpler (as would be implementing binary emulation). Occasionally for performance reasons you end up breaking layering, but in general it's a good idea for simplicity, and simplicity is a good idea for security :-) Also you can economize your effort by not trying to create multiple APIs, which is important if your implementation changes. Just build the lower level and let others worry about layering on top of that. -- It asked me for my race, so I wrote in "human". -- The Beastie Boys My emails do not have attachments; it's a digital signature that your mail program doesn't understand. | http://www.subspacefield.org/~travis/ If you are a spammer, please email [email protected] to get blacklisted.
pgpTKsjNAatFP.pgp
Description: PGP signature
_______________________________________________ tahoe-dev mailing list [email protected] http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
