Subject: Re: Support for ACLs
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Todd Vierling <>
List: tech-kern
Date: 03/08/2001 16:26:02
On Thu, 8 Mar 2001, der Mouse wrote:

: I'd rather see the "attached files" suggestion implemented (mechanism,
: not policy, y'know); using an attached file to implement ACLs could be
: a (truly optional) "feature".

There are many ways to address ACLs; one possibility is an ACL file, stored
in the fs much like a quota data file.  There's the attached files
suggestion.  And there's the prior art in direct inode attachment, which
could result in a bare minimum of code to manage their allocation without
full ACL support.  All are possible scenarios, and I haven't personally
ruled any out.

: > We'd like to return to discussing the technical aspects of ACLs now,
: > so please take your nonsense somewhere else.

: I don't know what "we" you think you're speaking for here (I don't
: think I've seen more than one voice raised, besides yours, in support
: of doing ACLs), but this *is* discussing the technical aspects of ACLs
: - specifically, whether (not how) they should be added to the main
: NetBSD tree.

We have to step down from this perception of the almighty, untouchable
NetBSD source tree.  NetBSD is an evolving creature; if you don't want
change, don't update your system.  New features are, and will, be added
because there are groups of people who find them useful; that is the
precondition for implementing new features.

Whether ACLs should be added to the NetBSD source tree should never be based
on arguments of "it's not the BSD way" and "I don't like them in my system."
That decision should be based *solely* on whether it benefits a decent
number of users without negatively impacting others.

Make sure you understand the last four words of the previous sentence; we do
try to keep everyone in mind when creating new major features.  Our track
record on that front isn't impressive, but we have been improving.

:  It sounds to me as though you've already made up your
: mind that they should be and are not interested in any possible
: arguments that disagree with that, preferring instead to use words like
: "nonsense" and "rant" to attack any such arguments.

We haven't even reached far enough into the discussion to determine the
technical feasibility or impact of ACLs yet, and already people are trying
to shoot the damned idea down with page-sized paragraphs that boil down to
"I don't like the idea."  I feel quite justified in calling those "nonsense"
and "rants."

-- Todd Vierling <>  *  Wasabi NetBSD:  Run with it.
-- NetBSD 1.5 now available on CD-ROM  --