"Albert D. Cahalan" <acahalan@cs.uml.edu>:
> Michael Gerdts writes:
>
> > When implementing ACL's please read over section 5.9 of the NFSv4 draft.
> > http://www.ietf.org/internet-drafts/draft-ietf-nfsv4-07.txt
> >
> > By designing ACL's (and other things) to work well with NFSv4 from the
> > start, reiserfs will likely have a leg up on the competition inside and
> > outside of the Linux arena for being able to support NFSv4.
>
> Wow, that is almost pure NT 4.0, with 4 of 7 authors being from Sun!
> The only difference is that the 17 access mask bits are all specific;
> there is no concept of mapping generic bits to object-specific bits.
> The inheritance, types, and scanning algorithm are all from NT.
No, it's not pure NT, for which we can be very thankful. In particular,
it's not the case that you have to scan up the entire directory
hierarchy looking to see which ACL's might apply to a particular file.
Access control entries only apply apply to the current directory or
file, and while certain ACE's can be marked as be "inheritable" in a
directory, it only applies to newly created files, not all files
underneath that directory.
(In NT, if "bob" is given access to /usr, the he has access to /usr/lib,
/usr/local, /usr/bin, /usr/etc, /usr/home/tytso/Mail, etc. You have to
scan all of the ACL's up to the root whenever you make an access
decision. This is slow and painful, and doesn't have much semantic
meaning in the presence of hard links --- which NT doesn't have.)
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:24 EST