This is the mail archive of the
mailing list for the glibc project.
Re: Friendlier EPERM - Request for input
- From: Rob Landley <rob at landley dot net>
- To: Eric Paris <eparis at redhat dot com>
- Cc: linux-kernel at vger dot kernel dot org, libc-alpha at sourceware dot org,dwalsh at redhat dot com, dmalcolm at redhat dot com
- Date: Sat, 12 Jan 2013 01:23:45 -0600
- Subject: Re: Friendlier EPERM - Request for input
On 01/09/2013 10:04:23 AM, Eric Paris wrote:
Getting an EPERM/EACCES in userspace really kinda blows. As a user
don't have any idea why you got it. It could be SELinux, it could be
rwx bits on the file, it could be a missing capability, it could be an
ACL, it could be who knows what.
Adding SELinux, ACL, and capabilities to systems made them so much
easier to comprehend, didn't it? (My definition of "secure" includes
understanding what the system is doing. Crazy, I know.)
We'd like to start figuring out the
who knows what and hopefully find a way to expose that to userspace.
Obviously the response to having too many mechanisms doing the same
thing (badly) is to add a management interface. Piled higher and deeper.
But maybe those great minds on the lists can help me think of ways to
get Friendlier denials that I haven't thought of. Please. What are
thoughts, concerns, issues?
-EPERM was about file permissions. For SELinux and disability bits and
whatever they're calling OS/2 extended attributes this week you need
Ken Thompson had the insight "files are just a flat sequence of bytes"
about the same time he invented subdirectories. Bruce Horn shoehorned
icon data into the Lisa filesystem metadata because they hadn't
implemented subdirectories yet so they couldn't collate files that way,
and apparently standard archive formats like "ELF" and "zip/jar" simply
didn't occur to him. (Yes really:
Copying Bruce's reversion of Ken's insight because Microsoft blindly
copied Apple and now Windows doesn't know how to live without this
crutch really doesn't fill me with confidence. Oh well, too late now...