Sheldon Hearn wrote: > On Tuesday 12 August 2008 17:26:20 Peter Rabbitson wrote: >> I think this will make it even more convoluted. The 'not' bit can be >> easily expressed with a regular/take pattern. XOR will require a new >> paradigm. > > If you guys really are going to make it this complicated, please > consider the syntax offered by GNU find's -perm option. > > CIDR-style masking actually is a poor fit here, because it only answers > one question -- is that in this?
How does -perm differ? > With generalized permissions queries, you may wish to ask different > kinds of questions. What kind? Suggestions are appreciated. > But again, I think this is all too much generalisation. I think the > user interface only needs "not world readable" as a discriminator, > regardless of how clever it gets under the hood. I side with Philipp here - if one si to design an interface, it must be able to cover _everything_ the programmer could conceivably think of, no matter how obscure. Then once this task is done, one is left only with 1) building on top of the generic interface, to accomodate frequently encountered scenarious (i.e. implementing "not world readable") 2) deal with the unfortunate shortcomings of the design that one (unfortunately) did not think of. Sheldon on the other hand is suggesting to forgo other perfectly valid use-cases and centralize the solution around the (invaluable, no contest here) "not world readable". Now when someone says "I would like to version all suid binaries in a separate repository for maximum security (i.e. to detect tampering)" Philipp would have his work done already, whereas Sheldon would be starting at square one (plus the added benefit of having to worry about back-compat). My 2c Peter --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
