straw poll for "veto files" [was Re: "veto files" problem]

[TAKAHASHI Motonobu]

David Collier-Brown wrote:
>1a) Right now, the benefit is that veto'd files can be
>    written to but not read from (or read for execution).
>
>    This is a useful tool for secure system's logs, and
>    for school's dropboxes, although the implementation is
>    not complete for either: you can't see if you've dropped
>    anything in the dropbox, and you can overwrite logs you
>    can't read.

Unfortunately this is not true, so this is not useful for both of
them...

 -  You cannot write veto'ed filename directly.
    You can only rename non-veto'ed filename to veto'ed filename.

 -  You can overwrite existed a file of veto'ed filename to rename
    (move) a file of non-veto'ed filename.

Anyway,

>All in all, I argue it's better to change it.  With Mr. Sorce,
>I suspect we might want to be prepared to put in an option
>to restore the previous behavior if we find someone using it.

I agree this.

-----
TAKAHASHI, Motonobu(monyo)         monyo at samba.org

Samba Team - http://samba.org/     Samba-JP - http://www.samba.gr.jp/  
JWNTUG - http://www.jwntug.or.jp/  Analog-JP - http://www.jp.analog.cx/
MCSE+I, MCSE(W2K), SCNA, CCNA, Turbo-CI