<<< The galactic center


Friday, February 03, 2006 07:09 PM >>>

file permissions

Friday,  02/03/06  07:01 PM

<rant superfluous=yes.

I have a question.  Have you ever used OS file permissions?

I have not.  Ever.

I have been programming for 30 years.  I have developed many sensitive and secure applications, including large financial transaction systems, online bill payment systems, internet financial services, and now medical imaging applications.  I have never used OS file permissions.  Ever.  Furthermore I am confident that I will never use them.

Every OS should have a checkbox at the admin/root level that says “I don’t want to use file permissions”.  That single thing would save hundreds thousands of hours of aggravation, trying to get file permissions out of the way so you can do something that would otherwise just work.  At least with Unix / Linux if you’re root you can chmod files and directories and there you are.  I always setup a way to get to root easily (sudo, syscmd) just for this purpose.  However with Windows the file permission story is much more complicated.  I often can’t figure it out, and have to resort to copying files, random editing of directory permissions, etc., in an effort just to get the file permissions out of the way.  MacOS is almost as obtuse as Windows, by the way.

Any application that actually needs file permissions probably can’t rely on the OS, anyway, because it is too hard to get them right.  Only simple things work for security, and file permissions are not simple.  I know of an application that stores all its data in ZIP files just because that way the password mechanism can be used to protect the data.  That’s pretty weird but it works, because it is simple.  Most “real” applications store data in a database, and the database provides the protection.  That can be complicated but not that complicated, so it also works.  File permissions at the OS level just don’t work.

So the moral of this story is that if you ever design an operating system, don’t have file permissions.  Thanks for listening.