Re: [PATCH v18 00/22] Richacls (Core and Ext4)
From: Christoph Hellwig
Date: Tue Mar 15 2016 - 03:12:09 EST
On Fri, Mar 11, 2016 at 05:11:51PM +0100, Andreas Gruenbacher wrote:
> > while breaking a lot of assumptions,
> The model is designed specifically to be compliant with the POSIX
> permission model. What assumptions are you talking about?
People have long learned that we only have 'alloc' permissions. Any
model that mixes allow and deny ACE is a mistake.
> > especially by adding allow and deny ACE at the same time.
> I remember from past discussions that a permission model like the
> POSIX ACL model that doesn't have DENY ACEs would be more to your
> liking. This argument is dead from the start though: NFSv4 ACLs
> without DENY ACEs cannot represent basic file permissions like 0604
> where the owning group has fewer permissions than others, for example
> (see the richaclex(7) man page). We would end up with a permission
> model that isn't even compatible with the traditional POSIX file
> permission model, one which nobody else implements or cares about.
So let's stick to the model that we already have.