[LUNI] trash

Martin Maney maney at pobox.com
Tue Nov 12 22:28:05 CST 2002 

Okay, bunch of ideas have bubbled up here.  Do any of them sound like a
good fit?

On Tue, Nov 12, 2002 at 10:07:22PM -0600, shaun beier wrote:
> permissions on deleting things. Basically, any user to the computer can not 
> have the ability to delete any file in this directory, but they still need 
> to be able to write files to it, which is what stops me from simply removing 
> the write privleges from the directory.

So they have limited access to the unerasable directory.  How unnatural
can you make that access be?  Imagine a directory whcih they have no
write access to at all, plus a setuid program that only allows them to
create a file and write to it once.  (this is actually being written
last, after having worked through some other ideas below - this is a
less transparent version of the access control a modified NFS server
might offer.)

> That is the long story of the problem that I am trying to deal with. If 
> anyone can suggest another program that has real time non stop file 
> monitoring, then I would be happy to take a look at that. I have not not 
> found any software to do this however.

You don't want *monitoring* software: you want a storage mechanism that
does not permit erasing or overwriting.  Sort of like a Write-Once,
Read-Many memory.

Hmmm.  WORM drives exist...

> Also, if anyone knows how to restrict deleting privleges to a
> directory by a user, then that would be helpful also.

Maybe you could do this with ACLs.  Maybe.

Another purely software approach would be to place the unerasable store
on another machine and NFS (etc.) mount it to the user-access machine. 
The software would be relatively small changes to the NFS server to
cuase it to fail any attempt to erase or overwrite a file.  I suspect
that will actually be a bit more involved than it sounds...

-- 
...and of course you must be careful not to overwrite the bounds of
memory blocks, free a memory block twice, forget to free a memory block,
use a memory block after it's been freed, use memory that you haven't
explicitly allocated, etc.  We C++ programmers have developed tricks
to help us deal with this sort of thing, in much the same way that people
who suffer severe childhood trauma develop psychological mechanisms to
insulate themselves from those experiences.  -- Joseph A. Knapka

More information about the luni mailing list