From: Nikolaus R. <Nik...@ra...> - 2008-08-09 16:08:09
|
Goswin von Brederlow <gos...@we...> writes: > Nikolaus Rath <Nik...@ra...> writes: > >> Jean-Pierre André <jea...@wa...> writes: >>>> This code which checks whether the user has enough rights makes an >>>> impression of re-implementing one more time the general linux logic >>>> for permission checking, and it doesn't feel right. Isn't it possible >>>> in FUSE to use the system procedure for permission checking as the >>>> default? Why should at all this ntfs-3g code care about whether it >>>> should check for CAP_FOWNER or for processuid==0 or for something else >>>> (when a new version of linux with different logic is out) -- can't it >>>> just tell the kernel all the owner and permission information and let >>>> it decide whether the operation is allowed? >>>> >>> >>> I agree, and I have already suggested the same on the >>> fuse list. Fuse could indeed check the rights based on >>> the file owner and permissions, the driver being only >>> responsible for storing and retrieving the attributes. >> >> It does so, you just have to use the default_permissions mount option. > > Just to be sure, if I specify "default_permissions" then fuse > garanties that it will never callback an operation that isn't > allowed? As I understood and tested, yes. > Because Bernd and I have been discussing about the right permission > handling in unionfs fuse and it is a nightmare to do right. Problem > is supporting all the groups a pid can be in. Only the kernel knows > this. I guess you found the solution then. :-) Best, -Nikolaus -- »It is not worth an intelligent man's time to be in the majority. By definition, there are already enough people to do that.« -J.H. Hardy PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C |