[svlug] eWeek article on MS Outlook

Erik Steffl steffl at bigfoot.com
Tue May 16 09:42:43 PDT 2000


J C Lawrence wrote:
> 
> On Mon, 15 May 2000 20:02:12 -0700 (PDT)
> Deirdre Saoirse <deirdre at deirdre.net> wrote:
...
> > No, the problem is inadequate usage of permissions models that
> > distinguish between read, write and execute. It has nothing, nada,
> > zip to do with desktops.
> 
> Nope.  Given a "desktop" or whatever else you want to call it, that
> allows a non-executable data file to masquerade as being an
> executable via "double-clicking on it opens the relevant application
> on that data file", then no, this is not directly a thing of
> permissions.  At least not of file-system permissions, and arguably
> not of permissions in general, tho I'll accept contention on that
> point.
> 
> Once you start blurring the line, its really tough to say that data
> files, _under_that_environment_ are no longer effectively
> executables.

  the permissions are not all that important:

  vi rrr.pl # this is open
  perl rrr.pl # this is execute (disguised as open)

  the execute permission of rrr.pl is irrelevant (in this case). it's
how you define the 'open' action that is relevant.

  I think that instead of generic open action there should be at least
two actions: open and execute. or better yet view and execute.

  and while we're at this, the executed programs/scripts/whatever should
be (IMO) in sandbox by default. I mean, under system with proper
permissions they are in a sandbox (cannot do more then the user
executing it has rights to do), but it would be nice if there would be
more fine-grained sandbox (so that I can 'try' a program without
creating special user for it).

	erik






More information about the svlug mailing list