From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Warren W. Gay VE3WWG" Subject: Re: Contraversial: A New FRUGAL File System? Linux Registry (again)? Date: Mon, 27 Oct 2003 22:49:47 -0500 Sender: linux-fsdevel-owner@vger.kernel.org Message-ID: References: <20031027063015.98B1332C6D@desire.actrix.co.nz> <003901c39c59$6248dab0$0201a8c0@joe> Return-path: Received: from main.gmane.org ([80.91.224.249]:16302 "EHLO main.gmane.org") by vger.kernel.org with ESMTP id S263837AbTJ1DtV (ORCPT ); Mon, 27 Oct 2003 22:49:21 -0500 Received: from list by main.gmane.org with local (Exim 3.35 #1 (Debian)) id 1AEKrB-0006nn-00 for ; Tue, 28 Oct 2003 04:49:21 +0100 To: linux-fsdevel@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org "Joseph D. Wagner" wrote in message news:003901c39c59$6248dab0$0201a8c0@joe... > I concur with Charles Manning [manningc2@actrix.gen.nz] that > the registry is a good idea and would be valuable to Linux, and I > unfortunately agree that the registry is too often abused. I have said elsewhere in this thread, that this is not the technology's fault. If you want to keep user entries out of a system registry, then set the permissions up that way. M$ does a poor job of laying out security in both the registry and their file systems (ie. NTFS). But neither the hierarchical file system, nor the registry is to be blamed for the abuses! > I must admit, though, that the idea of using a file system rather > than a database as a registry is rather intriguing. Instead of creating > a whole new API for a registry, you can simply use the existing VFS > API and treat each file as a registry entry. Bryan Henderson suggested that the Reiserfs would be a good choice, and based upon what I have read today about it, it would seem so. No need to write a FRUGAL file system, either. Apparently, Reiserfs also provides a special lighter weight API too, to avoid the overhead of a full open/read/write/close protocol. A registry API could carefully wrap that, for a little more convenience. Additionally, Reiser4 permits plugins that can assemble registry entries (small files) into a common file "view". This would be a simpler way to implement my idea of a /proc/etc/file.conf file. These "views" can even be edited directly by a text editor, and then affect the individual registry entries (small files), upon saving (assuming that the permissions on all of the registry entries (small files), permitted that save). Reiserfs also provides a "transaction" oriented approach, which is nice to have in a registry change scenario. > However, Access Control Lists (ACL's) would be a must-have before > such a file system registry is implemented or else both programs and > users alike would surely abuse the registry. I agree that ACL support would be a good thing for flexibility, but I fail to see how it would be a prerequisite. You don't exactly have users abusing /etc where many config entries are stored today. The registry when properly secured, need not be any worse than /etc access. In fact, as I suggested elsewhere, you could supply a 2nd registry file system that was for general user use. They can abuse themselves until they go blind, but at least they'd not interfere with the system configuration that way. Registry disk space can be better limited as well. > Personally, I think a registry on Linux should be held off until > Linux has native support for ACL's. Trying to build a secure > registry based upon the existing file system security architecture > (read, write, execute; owner, group, everyone) would simply > be too much of a hassle. > > Joseph Wagner I do agree that ACLs provide flexibility in exceptional cases. UNIX file systems have been used for decades successfully without ACLs, so I believe that a file system based registry need not necessarily be any different. ACLs would however, open new possibilities for exceptions to the rule, cases. -- Warren W. Gay http://home.cogeco.ca/~ve3wwg