I think the Unix permissions system should not be just a copy/paste from Linux with all its boring effects (like in web development, FTP or SVN upload) but should be a bit less complex.
I suggest 5 groups at the maximum:
- Admin users
- Normal users
- Guest users
- Processes
- And user-defined groups
I also suggest that the entire system be localisable and variable. All the system folders like /boot, /system etc. should refer to env variables. The “root” or “baron” username should be translatable to “Admin” or, in French, “Administrateur”.
Oops, I think it is better to completely remove the “processes” group.
Because any system process is already owned by a human (at least the “administrator”).
I suggest that because when doing web development under Linux there is a really boring “thing”.
We always have to redefine permissions under /var/www (for each newly created file) because newly created files are owned by the current session user.
I think that commands like this should disappear under a Haiku environment:
sudo chown -R www-data:www-data /var/www
In that case, the server process (httpd or apache2) is owned by the session user so no problem with newly created files.
Honestly I think the less multi-user there is, the better. This is my computer, if you touch it, heck if you even breathe on it I’ll cut your paws off with an axe!
If there really really must be “multi-user”, I agree, it should be limited. I only see a need for the following groups:
- System files (protected from being written to by malicious software)
- User files (unprotected)
- Administrator files (protected from being written to by any other users, this would be software that’s installed by the admin)
User A can read/write user B’s files and vice-versa. If user A needs to be protected from user B, then they should bloody well get their own computer! Heck, or even a USB flash drive. The notion of walling off one user’s files from another comes from the bad, bad old days of extensive 1970s beard-growing and mainframe computers, when a single hard disk cost hundreds of thousands of pounds (that must be why nobody could afford razors).
If we need some kind of “multi-user security”, then it needs to be done at the application level. Maybe using attributes. I want to be able to say “this app can access the network, its data files and its settings file, but NOT any other files on the system”, or “this application has read-only access to every file, but no network access and no write access aside from its settings file”.
This is much more personal-computer-centric, one computer with one user who has complete authority, where the apps are not necessarily trusted by the user.
Traditional multi-user is no good at all for protecting anything. A simple script rm -rf ~/* will ruin a user’s life, and the Unix permissions nonsense can’t do a thing to stop it. Who cares if the system files get buggered up, I’ll just reinstall it. If my data gets buggered up, heads will roll. And I’m not talking fursuit heads either.
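As an added illustration (not code from any poster or from Haiku itself), the per-application model described in the post above can be sketched as a small policy evaluator: each app declares whether it may use the network and which path prefixes it may read or write, and every other request is denied. The app names, the `/boot/home` paths and the "rogue script" scenario are constructed for the example; lexical normalization of `..` is included because a prefix check that skips it is trivially bypassed, while symlinks are out of scope here.

```python
"""Toy application-level access policy (added example, not the page's code).

Model: an app gets only what its manifest declares. Write access implies read
access to the same prefix; nothing else is granted. Paths are assumed to be
Haiku-style (/boot/home ...) purely for illustration.
"""
import posixpath
from dataclasses import dataclass


@dataclass(frozen=True)
class AppPolicy:
    name: str
    network: bool = False
    read: tuple = ()    # path prefixes the app may read
    write: tuple = ()   # path prefixes the app may read and write


def _normalize(path: str) -> str:
    """Collapse '.', '..' and duplicate slashes so a traversal such as
    /a/b/../../c is judged as /c. Purely lexical: symlinks are not resolved."""
    return posixpath.normpath(path)


def _under(path: str, prefixes) -> bool:
    """True if path equals one of the prefixes or lies strictly below it."""
    p = _normalize(path)
    for pre in prefixes:
        pre = _normalize(pre)
        if p == pre or p.startswith(pre.rstrip("/") + "/"):
            return True
    return False


def check(policy: AppPolicy, op: str, target: str = None) -> bool:
    """Decide one request. op is 'net', 'read' or 'write'; target is a path
    for the file operations. Unknown operations are refused loudly."""
    if op == "net":
        return policy.network
    if op == "read":
        return _under(target, policy.read) or _under(target, policy.write)
    if op == "write":
        return _under(target, policy.write)
    raise ValueError(f"unknown operation {op!r}")


# Constructed sample manifests matching the two wishes quoted in the post.
HOME = "/boot/home"                          # assumed home directory
SETTINGS = f"{HOME}/config/settings"         # assumed settings directory

MAIL = AppPolicy(
    name="Mail", network=True,
    write=(f"{HOME}/mail", f"{SETTINGS}/Mail"),
)
VIEWER = AppPolicy(
    name="Viewer", network=False,
    read=("/",),                              # read-only view of everything
    write=(f"{SETTINGS}/Viewer",),            # ... except its own settings
)
SCRIPT = AppPolicy(                           # a downloaded helper script
    name="script", network=False,
    write=(f"{HOME}/apps/script",),
)


def rogue_script_blocked() -> bool:
    """The 'rm -rf ~/*' case: a script confined to its own directory cannot
    touch the user's documents, even via a '..' traversal."""
    direct = check(SCRIPT, "write", f"{HOME}/Documents/thesis.txt")
    traversal = check(SCRIPT, "write", f"{HOME}/apps/script/../../Documents/thesis.txt")
    own_dir = check(SCRIPT, "write", f"{HOME}/apps/script/output.log")
    return (not direct) and (not traversal) and own_dir


if __name__ == "__main__":
    for app, op, tgt in [
        (MAIL, "net", None),
        (VIEWER, "net", None),
        (VIEWER, "read", f"{HOME}/Documents/a.txt"),
        (VIEWER, "write", f"{HOME}/Documents/a.txt"),
        (VIEWER, "write", f"{SETTINGS}/Viewer/settings"),
    ]:
        print(f"{app.name:7s} {op:5s} {tgt or '-':45s} -> {'allow' if check(app, op, tgt) else 'deny'}")
    print("rogue script blocked:", rogue_script_blocked())
```

The decision function is the whole model: there is no ownership, no group and no user identity involved, only the app's manifest and the path it asks for, which is what makes the approach "personal-computer-centric" in the sense the post means.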
ASoftwareHatingFurry, I think you are being too harsh. I never threaten to do more injury than breaking every finger in the hand that touches my computer without permission.
As for controlling file access, I do think a simple login screen with a password helps a lot.
Once you have that you can add a guest account versus the admin account and then your permission scheme would meet 95% of the needs of the users. I do say 95% because the remaining 5% will have different needs.
What we need to find is the best solution for as many of that 5% as possible without making the system more complex than it needs to be. Too many solutions try to solve for 100% by throwing everything into the mix. Haiku does not need that.