Capabilities

Bill Spitzak (spitzak@d2.com)
Fri, 21 May 1999 14:38:28 -0700 (PDT)


Since I'm not a member of this list, and I'm sure Linus gets lots of
mail, I can only hope this might get bounced to somebody who might
make sense of my comments and either dismiss them as absurd or
something...

Linus's worry about scripts seems to be solvable by adding
capabilities to the "header" of the script, just like they are added
to the header of the ELF file. This could be done by adding a second
line to do this:

#! /bin/sh -foo
#! xxyyzzy

where xxyyzzy is the capabilities, in some easily-parsed and
unambiguous text form. I would prefer it on the first line, but this
way allows the script to be run on non-capability systems.

It seems to me that there are huge advantages with doing this, in that
scripts with capabilities can be stored on file systems that don't
support them.

If in fact Linux goes with file-system capabilities, it seems to me
that this means that information that is only useful for executable
files is stored with *every* file (granted the likely implementation
will take no space). This would seem to imply that we should look
into a system where every file is executable. This would match the
Windoze or Mac idea where you can double-click anything and
(supposedly) it does something useful. Building the linking of what
running a file does into the system (well, probably the exec call in
the library) could make shell scripting much more powerful, and remove
the need for incompatable and complex code in the UI.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/