Privacy (su UID value in desktop entry standard)
C. Gatzemeier
c.gatzemeier at tu-bs.de
Fri Mar 19 20:32:35 EET 2004
On Friday, 19 March 2004 16:22, Linas Vepstas wrote:
> From the "User Experience" perspective, I think you've described it
> exactly.
>
> From the 'how to actually implement this' I suspect that there are
> a number of devilish details, especially in the interaction between
> the finder and other apps.
I was thinking more along the lines of how to use what is already there, and
not implementing an additional locking abstraction.
> e.g. where on the desktop do locked files
> appear? Does the 'guest' desktop always show the files of all other users?
> Do we need to reinvent hidden files?
As a side note, I personally would prefer if Desktops would make the filesystem
and the concept of home directories easy to understand and visible.
IMHO the desktop should be the home directory. Instead, the desktop is another
higher level, leaky directory abstraction. Just like in less capable OSes.
New users will inevitably be confused later.
Don't think reinventing new hidden files should be necessary, private files
are just one level up and in another home dir. To make this even easier,
and as we are currently picturing a shared "family" system, maybe it could be
explored to make the family home dir a group directory or just /home. From
there it is just as easy to change (click) into the family dir as into any
private dir (password provided).
> Do permissions work at file
> level or directory level?
Should be both, but it is generally easier to use directories, User Private
Groups, and umask 002
(http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/s1-users-groups-private-groups.html)
> What is the mapping between the "user
> Experience" and UNIX ACL's?
It is absolutely possible that I did not understand you correctly. But again
mapping to a different desktop abstraction doesn't sound like a good idea to
me. It might be that we are just thinking this from different angles.
> How can I copy from user A to user B? (e.g. from user 'home-accounting'
> to user 'linas-mail'), how can I do that copy so that it doesn't expose
> security holes for future crackers/worms/viruses ?
Ok, here a little difference may become visible, you seem to think of general
application accounts (-accounting, -mail etc.). I was merely thinking to put
tested unix multi user management effectively into use on the Desktop. The
entities being the persons not the apps. Of course in some cases apps can be
folded into "application accounts". Or alternatively you save your gnucash
file in a group directory accessible for group members even without password.
Things like copying from user A to B should come naturally. At this point if
you have two filebrowsers open, one as root and one as regular user, copying
back and forth already works fine. This needs "just" to be implemented on a
directory and file level basis also within the filebrowser so that it prompts
for a password if you try to access an out of current permission entity.
> I don't have answers to these; these are just some of the issues I could
> think of quickly. I was sort of hoping that some of this had already
> been discussed a bit on the desktop mailing lists.
I hope someone involved in the desktops / filemanagers might step out and shed
some light on related intentions.
> --linas
Christian
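
The "directories, User Private Groups, and umask 002" arrangement mentioned in the message, as an added example that is not part of the original post: a setgid group directory (the hypothetical name `family` is an assumption) keeps new entries in the shared group, and umask 002 leaves them group-writable, whereas the common umask 022 does not. It assumes Linux with a `stat` that supports `-c` and runs inside a constructed temporary directory without root.

```shell
#!/bin/sh
# Constructed demo: everything happens in a temporary directory, no root needed.
# Assumes Linux semantics and GNU or BusyBox stat (stat -c).

# Print the octal mode of a path, e.g. 664 or 2775.
mode_of() { stat -c '%a' "$1"; }

# Create a shared "family" directory: group-writable with the setgid bit,
# so new entries inherit the directory's group instead of the creator's.
make_shared_dir() {
    mkdir -p "$1" && chmod 2775 "$1"
}

# Create a file in directory $1 under umask $2 and print the resulting mode.
# The subshell body keeps the umask change from leaking into the caller.
file_mode_under_umask() (
    umask "$2"
    f="$1/doc-$2.txt"
    : > "$f"
    mode_of "$f"
)

# Create a subdirectory under umask $2 and print its mode. On Linux the
# setgid bit propagates to it, so the whole tree stays group-shared.
subdir_mode_under_umask() (
    umask "$2"
    d="$1/sub-$2"
    mkdir "$d"
    mode_of "$d"
)

demo() {
    base=$(mktemp -d) || return 1
    make_shared_dir "$base/family"
    echo "shared dir mode:      $(mode_of "$base/family")"
    echo "file under umask 022: $(file_mode_under_umask "$base/family" 022)"
    echo "file under umask 002: $(file_mode_under_umask "$base/family" 002)"
    echo "dir  under umask 002: $(subdir_mode_under_umask "$base/family" 002)"
    rm -rf "$base"
}

demo
```

With User Private Groups each user's primary group contains only that user, so the group-write bit from umask 002 grants nothing extra on files in a private home directory; it only matters inside directories owned by a shared group.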