[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Vnode scope
>First, why wouldn't it work with an AFS client? (I don't know AFS)
>Second, I don't think we should hold back on features, especially ones
>that have the potential to work right away with all file-systems we have
>have *and* add ACLs to them -- all using kernel code that's already in
>place -- because of one file-system that isn't even implemented.
Matt has already addressed these points, but to answer:
- From your description, all access decisions would be moved into the vnode
layer, instead of particular filesystem layer. AFS makes it's own
authorization decisions using it's own identity space and it's own ACL
structure (admittedly, a lot of that happens on the server, but not
- I was not aware of this before, but it sounds like Matt is almost finished
with an implementation of an AFS client.
- If, like Matt said, each filesystem can create a kauth() listener to
implement it's own authorization layer, then it will not be an issue.
- Is this the same thing that FreeBSD implemented? I ask because you said
that they're supported in FreeBSD...
Main Index |
Thread Index |