* Ingo Molnar <[EMAIL PROTECTED]> wrote:
> perhaps having a new 'immutable hardlink' feature in the Linux VFS
> would help? I.e. a hardlink that can only be readonly followed, and
> can be removed, but cannot be chmod-ed to a writeable hardlink. That i
> think would be a large enough barrier for editors/build-tools not to
> play the tricks they already do that makes 'readonly' files virtually
> meaningless.
immutable hardlinks have the following advantage: a hardlink by design
hides the information where the link comes from. So even if an editor
wanted to play stupid games and override the immutability - it doesnt
know where the DB object is. (sure, it could find it if it wants to, but
that needs real messing around - editors wont do _that_)
i think this might work.
(the current chattr +i flag isnt quite what we need though because it
works on the inode, and it's also a root-only feature so it puts us back
to square one. What would be needed is an immutability flag on
hardlinks, settable by unprivileged users.)
Ingo
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
