tech-kern: Re: Support for ACLs

Subject: Re: Support for ACLs
To: Wolfgang Rupprecht <wolfgang@wsrcc.com>
From: Todd Vierling <tv@wasabisystems.com>
List: tech-kern
Date: 03/08/2001 16:32:43
On 8 Mar 2001, Wolfgang Rupprecht wrote:

: > Most ACL implementations for ffs use a cheap flag that indicates presence of
: > extended ACL information, which would trigger further permissions checks on
: > an inode access (only when ACL support is available and/or activated for the
: > mount point).
:
: This is only the tip of the iceberg.  Think of all the userland and
: protocol changes needed just to support ACLs well.  For starters:
:
:         rcp -p      (protocol change needed)
:         nfs         (protocol change needed)
:         tar         (protocol change needed)

Not necessarily.  ACLs are not actually used by many tools on some of the
OS's that implement them (Solaris, for instance)--though I'd expect dump and
restore to be capable of preserving them, I wouldn't expect all of userland
to understand them fully.  ACLs are an extension to access protection, and
little more.

In fact, most people I've seen who want ACL availability on a Unixlike
system aren't interested in preserving them with a program that copies (two
of your examples above), but rather to restrict access in a more transparent
way to other types of programs.  On Unix systems where I've dealt directly
with ACL's, their use has been mostly for the purposes of adding permission
information to directories or setuid programs.

: Just like most program that use ttys ending up having to know about the
: invisible tty baggage, most programs that creates files end up having to
: know about ACLs.

ACLs are not the primary permission control system of a Unix OS; the
traditional owner-group-permissionbits trio are.  ACLs in a ffs-like context
are a way of expressing add-on access permissions where groups don't provide
enough flexibility.

When percieved as an add-on attachment for, rather than a replacement for,
the traditional methods of file protection, the amount of code needed to
make use of it becomes much smaller.

-- 
-- Todd Vierling <tv@wasabisystems.com>  *  Wasabi NetBSD:  Run with it.
-- NetBSD 1.5 now available on CD-ROM  --  http://www.wasabisystems.com/