In some email I received from Don Lewis, they wrote:
> 
> How is this ACL stuff going to affect all the user-land code that
> calculates access permissions by calling stat(), getuid(), getgroups()
> because of the generations of programmers that have been told the evils
> of calling access().

Typically, additions are needed here...stat() might return something to
indicate the presence of an ACL or you may need to do acl_stat() which
returns -1 or 0 (no-ACL, acl).  Then a acl_get() and other related system
calls or functions to work with it.

The presence of the ACL is hidden to access() (ACL processing should be
done inside the kernel) and I can't see how/why it would affect getuid
or getgroups or access checking done.  The normal modes aren't removed.

What needs to be considered carefully is in which order and with what
hierarchy does the ACL have wrt owner/group/other permissions ?

> How is the ACL stuff going to interact with NFS?  If the ACL info is
> stored on the server, how is the client supposed to check whether a
> process is allowed to open() a file based on the (possibly cached)
> attributes it fetched from the server.

All implementations I've seen make the presence of ACLs invsible over
NFS (you can't see/access them) but the server does take them into account
when it does permissions checking.

Darren