[haiku-development] Re: BFS drivers for other systems?

  • From: pulkomandy <pulkomandy@xxxxxxxxxxxxxxxxx>
  • To: <haiku-development@xxxxxxxxxxxxx>
  • Date: Fri, 25 Feb 2011 09:47:21 +0100

> Just wanted to throw an idea similar to the one from Sean Collins.
> 
> What about introducing a per-user partition diff at the file system level
> above the actual system partition?
> There would be one system partition for all users,
> which only the administrator would be able to access directly.
> Then, for each ordinary user there would be an intermediate diff-layer,
> which allows transparent reading from the system partition, but redirects
> written contents into a separate "home"-location.
> Subsequent reading of the same contents through the diff-layer would then
> return data from the diff-layer first, but would fall back to the system
> partition in case the data wasn't present.
> 
> From my POV this approach would have the following advantages:
> 1. The physical system partition is totally secured from unauthorized
> modifications.
> 
> 2. Existing applications wouldn't see any difference and wouldn't have to
> be modified, however would work with multiple users.
> 
> 3. The approach could easily be extended to support user-groups,
> by means of a layer hierarchy.
> 
> 4. One could always start with a fresh user account whenever the old one
> is messed up and see the original file system.
> 
> However, I see the potential problem with the performance and storage of
> such an approach as well.

I see some 'let's be different just for the sake of it' talking here.
With a good package manager, user permissions (preferably ACL, not Unix
ones which are too limited), it is pretty hard to mess up the system.

The diff-layer approach sounds like it has the following problems:
 * performance: BeFS is already slow, let's not add more to it.
 * reliability: if the system is updated, how do you ensure coherence of
the upper layers?
 * ease of use: where is my data actually stored, if I need to back it up?

Our directory structure is quite good, with system/ holding the system
stuff and users/ holding the user's stuff. It's simple, it's easy, it's
efficient. Using things like a FS layer is just trying to hide the mess.
Let's rather make it clean in the first place. I like BeOS/Haiku for the
same reasons I like Amiga : it's simple in its architecture, yet it gives
all the power of the computer to the user. You can understand what's going
on, and you don't have to mess with weird bash commands and settings files.

The multipartition approach (be it layered or not) does not actually
bring you any security. It's not because the user can't see the data that
malware can't see it either. The more complex the device, the more flaws it
will have.

Let's keep it simple. A "user" folder for each user, storing settings for
all apps, and documents. A system folder with binaries, and restricted
access. Maybe it should have a password, maybe the user could allow apps to
touch it on an app-fingerprint based system (but I see security problems
with that).

-- 
Adrien.
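As an added illustration (not code from this thread or from Haiku), here is a constructed in-memory model of the quoted diff-layer design: reads prefer the per-user layer and fall back to the shared system layer, writes are redirected into the user layer, and a digest recorded at copy time exposes the coherence problem raised in the reply, namely that a user's shadow copy silently masks a later system update. All paths and contents are made up for the demo.

```python
import hashlib
from dataclasses import dataclass, field


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class DiffLayerFS:
    """Constructed model of one user's view: system layer + per-user diff layer."""
    system: dict[str, bytes]                                  # shared, admin-only base
    user: dict[str, bytes] = field(default_factory=dict)      # per-user "home" diff layer
    base_seen: dict[str, str] = field(default_factory=dict)   # digest of base when first shadowed

    def read(self, path: str) -> bytes:
        # The diff layer wins; otherwise fall back to the system partition.
        if path in self.user:
            return self.user[path]
        return self.system[path]

    def write(self, path: str, data: bytes) -> None:
        # Writes never touch the system layer. On first shadowing of a system
        # file, remember which version of it the user copy was derived from.
        if path not in self.user and path in self.system:
            self.base_seen[path] = digest(self.system[path])
        self.user[path] = data

    def stale_shadows(self) -> list[str]:
        # Files whose system copy changed after the user shadowed them: the user
        # keeps reading the old copy and never sees the update (the coherence issue).
        return sorted(p for p, d in self.base_seen.items()
                      if p in self.system and digest(self.system[p]) != d)


def demo() -> tuple[bytes, list[str]]:
    # Constructed sample: one config file, edited by the user, then updated by the admin.
    fs = DiffLayerFS(system={"system/settings/app.conf": b"version=1\n"})
    fs.write("system/settings/app.conf", b"version=1\ncolor=blue\n")
    fs.system["system/settings/app.conf"] = b"version=2\n"   # system update lands underneath
    return fs.read("system/settings/app.conf"), fs.stale_shadows()


if __name__ == "__main__":
    content, stale = demo()
    print(content.decode(), "stale:", stale)
```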
