> But what of AFS (or, if you prefer, Arla)? It has even less support
> for Unix file metadata... but it *does* have security, both for
> authentication and data (at least in theory for data, by setting
> the Rx RPC layer to do encrypted transfers). It is reasonable to
> expect binaries from an AFS directory that only allows administrators
> write access to be secure... but the metadata is worthless for
> identifying such. (Even the setuid bit has only spotty support.)
AFS has several extra bits that could be used. How about the F bit?
I'm really starting to think that the trust indicator bit should
be determined by filesystem type and/or mount option. For NFS,
the setuid bit indicates trust. For AFS, you can use the F bit.
For vfat :-) you have the system bit.
One could even have a VFS function to ask about trust.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/