On Thu, 2017-12-07 at 22:04 +0100, Adam Borowski wrote: > I might be inattentive, but I did not notice a single pro mentioned > on > this thread. The only part, Windows-like "you downloaded this file > from the > Internet, it may be bad" popup, can be done with a boolean, and is > still a > dubious idea.
Pros: I periodically have to figure what former grad student have done for their computational experiments when they've left with nothing but access to their home directories. The source for where input data came from would be helpful. As a flag to indicate to automated processes, such as desktop indexers that should not blindly read a file. Cons: Metadata can be used against you. I personally would find the URL helpful when faced with trying to figure out where MyResults3.txt came from. Based on this discussion what I'd like to see: The XDG standard for where to store URL information, should also include a standard way to turn this feature on or off. Given issues with managing potentially hacked end users I would like it if toggling the state required administrator privileges. It should also be clearly defined in which situations the metadata should be removed. For instance it would be nice if copying the data between "my" computers via nextcloud or scp would preserve the attribute, but sending the file out via email or "untrusted" USB sticks would remove the attribute. That might be too hard, so a first milestone might be be moving or copying the file around the same file system should protected the attribute, and it should be stripped when the file is moved to a different file system. I don't know if xattrs can be locked to specific users, but it might also be reasonable that on multiuser systems an attribute like this should only be viewable by the owner & root. Diane
