Critical Section

file permissions

Friday,  02/03/06  07:01 PM

<rant superfluous=yes.

I have a question.  Have you ever used OS file permissions?

I have not.  Ever.

I have been programming for 30 years.  I have developed many sensitive and secure applications, including large financial transaction systems, online bill payment systems, internet financial services, and now medical imaging applications.  I have never used OS file permissions.  Ever.  Furthermore I am confident that I will never use them.

Every OS should have a checkbox at the admin/root level that says “I don’t want to use file permissions”.  That single thing would save hundreds thousands of hours of aggravation, trying to get file permissions out of the way so you can do something that would otherwise just work.  At least with Unix / Linux if you’re root you can chmod files and directories and there you are.  I always setup a way to get to root easily (sudo, syscmd) just for this purpose.  However with Windows the file permission story is much more complicated.  I often can’t figure it out, and have to resort to copying files, random editing of directory permissions, etc., in an effort just to get the file permissions out of the way.  MacOS is almost as obtuse as Windows, by the way.

Any application that actually needs file permissions probably can’t rely on the OS, anyway, because it is too hard to get them right.  Only simple things work for security, and file permissions are not simple.  I know of an application that stores all its data in ZIP files just because that way the password mechanism can be used to protect the data.  That’s pretty weird but it works, because it is simple.  Most “real” applications store data in a database, and the database provides the protection.  That can be complicated but not that complicated, so it also works.  File permissions at the OS level just don’t work.

So the moral of this story is that if you ever design an operating system, don’t have file permissions.  Thanks for listening.


this date in:
About Me

Greatest Hits
Correlation vs. Causality
The Tyranny of Email
Unnatural Selection
On Blame
Try, or Try Not
Books and Wine
Emergent Properties
God and Beauty
Moving Mount Fuji
The Nest
Rock 'n Roll
IQ and Populations
Are You a Bright?
Adding Value
The Joy of Craftsmanship
The Emperor's New Code
Toy Story
The Return of the King
Religion vs IQ
In the Wet
solving bongard problems
visiting Titan
unintelligent design
the nuclear option
estimating in meatspace
second gear
On the Persistence of Bad Design...
Texas chili cookoff
almost famous design and stochastic debugging
may I take your order?
universal healthcare
triple double
New Yorker covers
Death Rider! (da da dum)
how did I get here (Mt.Whitney)?
the Law of Significance
Holiday Inn
Daniel Jacoby's photographs
the first bird
Gödel Escher Bach: Birthday Cantatatata
Father's Day (in pictures)
your cat for my car
Jobsnotes of note
world population map
no joy in Baker
vote smart
exact nonsense
introducing eyesFinder
to space
where are the desktop apps?
still the first bird
electoral fail
progress ratches
2020 explained