Re: Identifying drives/volumes
- From: Alexander Larsson <alexl redhat com>
- To: Federico Mena Quintero <federico ximian com>
- Cc: "gnome-vfs-list gnome org" <gnome-vfs-list gnome org>, "gtk-devel-list gnome org" <gtk-devel-list gnome org>
- Subject: Re: Identifying drives/volumes
- Date: Wed, 20 Oct 2004 08:59:28 +0200
On Tue, 2004-10-19 at 13:14 -0500, Federico Mena Quintero wrote:
> On Tue, 2004-10-19 at 17:43 +0200, Alexander Larsson wrote:
>
> > Say you have a GnomeVFSVolume that is really a "connected server" that
> > points to file:///mnt/cdrom. When you do
> > gnome_vfs_volume_monitor_get_volume_for_path(/mnt/cdrom) you will get
> > the actual volume for the cdrom, not the connected server volume.
>
> Right. But I guess the user asked for trouble, anyway, if that happens.
>
> [How would you create such a situation from the user interface? Can you
> do it from Nautilus?]
Sure. Just connect to server and type in a file:// uri. Its not gonna be
common, but its not impossible.
> > I have a question though. How do you propose can_user_see_volume(vol)
> > will work? I mean, how would the user specify which volumes are ok and
> > which are not?
>
> That's left as an exercise for the reader. I mean, it's an
> implementation detail. Actually, it's up to the lockdown extension to
> decide that :)
>
> Say you have a configuration file that describes what the user may see.
> It could be a config file, or something you grab off of LDAP, or
> whatever.
>
> Say you are in a company, and want your employees' boxes to be locked
> down so that they can only see their home directories, the floppy, and
> the company-wide NFS share:
>
> <lockdown>
> <visible-volume base="/mnt/floppy"/>
> <visible-volume base="/mnt/nfs"/>
> <visible-folder base="/home/username"/>
> </lockdown>
>
> [Presumably, "/home/username" is generated for each user... you get the idea]
>
> The extension would turn those paths into URIs and implement
> GtkFileChooserExtension::is_volume_visible() by simple string
> comparisons, and ::is_path_visible() by testing whether one of the
> visible-folder items in the XML above is an ancestor of the path that is
> being tested.
>
> Or maybe I'm totally on crack, and this is just not the way to implement
> lockdown for the file system. What would Nautilus do? Presumably it
> has requirements that are very similar to the file chooser's.
The reason I'm asking is that its a bit hard to specify volumes. How do
you know what is availible, and where it gets mounted? If you plug in
some usb flash it'll get assigned to say /mnt/usbflash2, but you can't
depend on that, since it depends on what other usb flash devices was
plugged in before.
I guess it mostly works if you assume everything is hidden and specify
which volumes are visible. Although it might create suprises, like /tmp
being hidden since it was on a separate partition (and thus another
volume).
What if the user wants to configure lock-down like "allow access only to
cdroms and floppies, plus the root+homedir partitions? How would you
define that using paths?
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl redhat com alla lysator liu se
He's an immortal moralistic hairdresser who hangs with the wrong crowd. She's
a hard-bitten mutant museum curator with a birthmark shaped like Liberty's
torch. They fight crime!
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
