Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758643AbXHSCJc (ORCPT ); Sat, 18 Aug 2007 22:09:32 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754070AbXHSCJY (ORCPT ); Sat, 18 Aug 2007 22:09:24 -0400 Received: from dsl081-033-126.lax1.dsl.speakeasy.net ([64.81.33.126]:40740 "EHLO bifrost.lang.hm" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753351AbXHSCJX (ORCPT ); Sat, 18 Aug 2007 22:09:23 -0400 Date: Sat, 18 Aug 2007 19:03:06 -0700 (PDT) From: david@lang.hm X-X-Sender: dlang@asgard.lang.hm To: Alan cc: Kyle Moffett , Marc Perkel , Valdis.Kletnieks@vt.edu, Michael Tharp , LKML Kernel , Lennart Sorensen Subject: Re: Thinking outside the box on file systems In-Reply-To: <1187479581.1608.1.camel@zowie.fnordora.org> Message-ID: References: <763705.7247.qm@web52512.mail.re2.yahoo.com> <1187479581.1608.1.camel@zowie.fnordora.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1809 Lines: 42 On Sat, 18 Aug 2007, Alan wrote: > On Wed, 2007-08-15 at 13:22 -0400, Kyle Moffett wrote: >> On Aug 15, 2007, at 13:09:31, Marc Perkel wrote: >>> The idea is that people have permissions - not files. By people I >>> mean users, groups, managers, applications >>> etc. One might even specify that there are no permission >>> restrictions at all. Part of the process would be that the kernel >>> load what code it will use for the permission system. It might even >>> be a little perl script you write. >>> >>> Also - you aren't even giving permission to access files. It's >>> permission to access name patterns. One could apply REGEX masks to >>> names to determine permissions. So if you have permission to the >>> name you have permission to the file. >> >> Please excuse me, I'm going to go stand over in the corner for a minute. >> >> *hahahahahaa hahahahahaaa hahaa hoo hee snicker sniff* >> >> *wanders back into the conversation* >> >> Sorry about that, pardon me. >> >> I suspect you will find it somewhat hard to convince *anybody* on >> this list to put either a regex engine or a Perl interpreter into the >> kernel. I doubt you could even get a simple shell-style pattern >> matcher in. First of all, both of the former chew up enormous gobs >> of stack space *AND* they're NP-complete. You just can't do such >> matching even in polynomial time, let alone something that scales >> appropriately for an OS kernel like, say, O(log(n)). > > Already been done. Take a look at "AppArmor" aka "Immunix". don't forget the ACPI interpreter. David Lang - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/