Subject: Re: Access Control Lists
To: Pavel Cahyna <firstname.lastname@example.org>
From: Bill Studenmund <email@example.com>
Date: 05/03/2006 08:49:10
Content-Type: text/plain; charset=us-ascii
On Wed, May 03, 2006 at 03:30:47PM +0200, Pavel Cahyna wrote:
> On Tue, May 02, 2006 at 03:14:31PM +0200, Elad Efrat wrote:
> > Brett Lymn wrote:
> > > Do you mean POSIX ACL's here?
> > I hope not. :)
> The best thign would be to have the ACL models pluggable, so if somebody
> wants POSIX ACLs he can compile in/load the appropriate module. I would
> prefer POSIX ACLs, but I know that people seem to prefer the Windows NT
Well, POSIX ACLs aren't really used much. All of the new work I'm familiar=
with is moving with NT ACLs, including NFSv4.
> > > ok but how to you find these chunks of data on the media if there are
> > > no pointers to them? How do you associate files in a file system with
> > > a blob entry? How are the tools that need to manipulate the ACL
> > > entries going to find the ACL data on the media?
> > That's exactly why I removed ACLs from the projects page. The real work
> > will be to do the underlying implementation, which has nothing to do
> > with ACLs but more with file meta-data.
> > A project that fits in the SoC time-frame and would be the first logical
> > move in this direction is Adding subfiles to FFS:
> > http://www.netbsd.org/contrib/projects.html#addsubfiles
> What have subfiles to do with ACLs?
Where do you think we put them? :-)
As Elad noted, we need a STRONG way to associate the ACL with the rest of=
the file, and subfiles-for-storage are a good option.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
-----END PGP SIGNATURE-----