* System Policy for Filenames
@ 2012-06-22 9:06 Aaron Peterson
[not found] ` <CANZ96zW4BX4jXP+ZBj2380QJ3gB_yOWa6VgFn9gHBeDq1qc4Lg@mail.gmail.com>
0 siblings, 1 reply; 3+ messages in thread
From: Aaron Peterson @ 2012-06-22 9:06 UTC (permalink / raw)
To: linux-btrfs
Hello btrfs group:
I would like to make a system policy that restricts the characters
used in a filename, tests filenames by regular expression, and
enforces case-insensitive-compatible exclusivity.
Where should I start?
I am trying to solve a few problems for my catproof Linux project.
* Compatibility with other systems.
* Protect users from "-rf", or "*" files that mess with shell
expansion and poorly written shell scripts.
* possibly ensure that I can type the filenames, and defend against
look-alike characters
(This would preferably just come up as a warning, KDE converts a "/"
in a filename to a look-alike and broke my system, but I recognize
that I will need to access file names in multiple languages)
Thank you!
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: System Policy for Filenames
[not found] ` <CAK43AWthZ5Y3Rjkp6EduXO17J7Paz7SHYj_qOUbpwHyVQ_JKRQ@mail.gmail.com>
@ 2012-06-26 18:28 ` Aaron Peterson
2012-06-27 0:39 ` Fajar A. Nugraha
0 siblings, 1 reply; 3+ messages in thread
From: Aaron Peterson @ 2012-06-26 18:28 UTC (permalink / raw)
To: linux-btrfs
Billy,
Thank you! I will look into FUSE.
Ultimately, I want my / to be mounted with these rules, I will need a
boot loader to be able to handle it.
I am wondering if filesystem software has hooks for AppArmor or
SELinux, or some other Linux Security Module would be appropriated to
add to filesystem code?
Also, I tried joining a linux-fsdev mailing list, but it appears to be defunct.
Oh, This is interesting:
http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html
-AP
>
>
> On Tue, Jun 26, 2012 at 11:03 AM, Billy Crook <billycrook@gmail.com> wrote:
>> On Fri, Jun 22, 2012 at 4:06 AM, Aaron Peterson
>> <myusualnickname@gmail.com> wrote:
>>> I would like to make a system policy that restricts the characters
>>> used in a filename, tests filenames by regular expression, and
>>> enforces case-insensitive-compatible exclusivity.
>>>
>>> Where should I start?
>>
>> I would find a filesystem-agnostic mailinglist. None of these
>> objectives appear to have anything to do with btrfs. There is
>> probably a generic fs layer that would be the appropriate place for
>> this, if not FUSE.
>>
>> You might also consider forcing users to access the fs through SAMBA
>> which has similar capabilities already.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: System Policy for Filenames
2012-06-26 18:28 ` Aaron Peterson
@ 2012-06-27 0:39 ` Fajar A. Nugraha
0 siblings, 0 replies; 3+ messages in thread
From: Fajar A. Nugraha @ 2012-06-27 0:39 UTC (permalink / raw)
To: Aaron Peterson; +Cc: linux-btrfs
On Wed, Jun 27, 2012 at 1:28 AM, Aaron Peterson
<myusualnickname@gmail.com> wrote:
> Billy,
>
> Thank you! I will look into FUSE.
>
> Ultimately, I want my / to be mounted with these rules, I will need a
> boot loader to be able to handle it.
Try looking at how ubuntu live cd works. Last time I check, it can use
unionfs-fuse as "/" to make the read-only cd media appear "writable"
live session. Something similar should be applicable to your needs.
> I am wondering if filesystem software has hooks for AppArmor or
> SELinux, or some other Linux Security Module would be appropriated to
> add to filesystem code?
Not that I know of.
--
Fajar
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-06-27 0:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-06-22 9:06 System Policy for Filenames Aaron Peterson
[not found] ` <CANZ96zW4BX4jXP+ZBj2380QJ3gB_yOWa6VgFn9gHBeDq1qc4Lg@mail.gmail.com>
[not found] ` <CAK43AWthZ5Y3Rjkp6EduXO17J7Paz7SHYj_qOUbpwHyVQ_JKRQ@mail.gmail.com>
2012-06-26 18:28 ` Aaron Peterson
2012-06-27 0:39 ` Fajar A. Nugraha
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.