Re: [RFD] 'nice' attribute for executable files

From: Måns Rullgård
Date: Fri Apr 01 2005 - 11:10:42 EST


Wiktor <victorjan@xxxxxxxxxxxxxx> writes:

> Måns Rullgård wrote:
>> So you are proposing the addition of a per-file attribute, with
>> restricted access, and potentially dangerous effects if set
>> incorrectly. This, combined with the fact that is unlikely to receive
>> much testing, all speaks against it.
>>
>
> Almost every attribute can be dangerous if set incorrectly. Bot it is
> really no problem - simply let's turn to fat12 as root filesystem, and
> no attribute will be dangerous any more... See that acl-s also are not
> used for every file, only for some files, ones of thousands files in
> the filesystem. They are not set and reset every ten minutes - they
> are set one time and used, used and used. The same applies to nice
> attribute. Is it dangerous to not modify attribute all the time? And
> why restricted access is riskfull and evil?

The problem is in ensuring that access really is as restricted as you
think it is. How will you deal with removable devices, and network
filesystems? We really don't want all the concerns associated with
the SUID/SGID bits in yet another place.

Most importantly, though, hacks like this to work around bugs in
applications is not the proper thing to do.

--
Måns Rullgård
mru@xxxxxxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/