Skip to content

Clarifying rights::path_filestat_set_size #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
MaulingMonkey opened this issue Mar 10, 2021 · 4 comments
Closed

Clarifying rights::path_filestat_set_size #28

MaulingMonkey opened this issue Mar 10, 2021 · 4 comments

Comments

@MaulingMonkey
Copy link
Contributor

rights::path_filestat_set_size's definition seems fairly ambiguous to me - the current wording is extremely general, "The right to change a file's size.", but then it only describes it's interaction with open. I can't tell if it's meant to:

  1. apply broadly to a bunch of syscalls (allocate, filestat_set_size, pwrite/write if extending the file size), or some subset of those, and if so - if it implies, or is implied by, or is required in tandem with related sizing rights that control those syscalls (rights::fd_allocate, rights::fd_filestat_set_size)

or perhaps, at the other extreme:

  1. apply only to truncation via open, with the original naming being just to match POSIX.
@sunfishcode
Copy link
Member

The background here is that this is evolved from CloudABI's RIGHT_STAT_FPUT_SIZE, which says:

The right to invoke [file_stat_fput] with [fsflags.size].

If [rights.file_open] is set, includes the right to invoke [file_open] with [oflags.trunc].

In WASI terms, this means it applies to filestat_set_size and path_open but not allocate or pread/pwrite.

With that said though, this is a clear example of a broader observation that several people have had about WASI: the rights system is complex to implement, even more complex to use, and not very valuable in practice. On one hand it's too complex for simple use cases where a simple "readonly" flag would suffice, and on the other it's too limiting for many advance use cases, because you only get a bitfield of operations which are either always enabled or always disabled for a given handle. And we'll have other ways to handle the complex use cases, with API virtualization.

So I expect we'll want to simply remove the rights system, rather than put a lot of effort into specifying exactly what each of the rights means.

@sunfishcode
Copy link
Member

One thing I should be clear about here is that if individual APIs, such as wasi-nn or wasi-crypto or any others want to have a rights system, they can still do so. My comment here is just about the rights system as it applies to wasi-filesystem, and as I expect it would apply to a wasi-sockets proposal.

@sunfishcode sunfishcode transferred this issue from WebAssembly/WASI Mar 10, 2021
@MaulingMonkey
Copy link
Contributor Author

Fair enough! It's certainly dead weight for my own use cases.

While someone may want permission APIs for the filesystem in the future - perhaps OpenBSD style pledge / unveil - said APIs can always be added later, if/when there are actual motivating use cases and codebases that will take advantage of said APIs.

@MaulingMonkey MaulingMonkey mentioned this issue Mar 16, 2021
Closed
2 tasks
@sunfishcode sunfishcode mentioned this issue Apr 13, 2021
Closed
@sunfishcode
Copy link
Member

#31, removing the rights system, is the path forward here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MaulingMonkey @sunfishcode