Subject: Re: Support for ACLs
To: Todd Vierling <tv@wasabisystems.com>
From: Greywolf <greywolf@starwolf.com>
List: tech-kern
Date: 03/12/2001 17:02:35

On Mon, 12 Mar 2001, Todd Vierling wrote:

# Date: Mon, 12 Mar 2001 17:49:24 -0500 (Eastern Standard Time)
# From: Todd Vierling <tv@wasabisystems.com>
# To: Greywolf <greywolf@starwolf.com>
# Cc: Bill Studenmund <wrstuden@zembu.com>, tech-kern@netbsd.org
# Subject: Re: Support for ACLs
#
# On Mon, 12 Mar 2001, Greywolf wrote:
#
# : # > 	If so, which fs layer(s) are we going to need to modify?  Since
# : # > 	we're doing vfs->(every_other_fs), some vfs hooks will need to
# : # > 	be put in, possibly returning EINVAL if ACL is not compiled
# : # > 	into the kernel, for example.  We'll probably need hooks into
# : # > 	ffs/ufs and nfs, as well; likely others.
# : #
# : # No, we won't. We already have VOP_ACCESS(), which determines if you have
# : # read, write, or exec privileges. To add ACL support, all we need to do is
# : # add the extra flags whatever ACL method we use adds.
# :
# : Okay, so how do we then handle modification of the ACL?  VOP_ACCESS()
# : only handles the access on the file; it does not do manipulation of
# : the access controls.
#
# Additionally, something needs to *read* the ACLs for the purposes of
# manipulation and listing, and stashing them in the vnode may not be
# appropriate (it might be variably sized, and it's a space waste)

...which is why you have a POINTER to the acl.

# -- Todd Vierling <tv@wasabisystems.com>  *  Wasabi NetBSD:  Run with it.
# -- NetBSD 1.5 now available on CD-ROM  --  http://www.wasabisystems.com/

				--*greywolf;
--
*BSD: it's not free beer, but it's free.
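
The design point argued in this thread, as an added userland sketch that is not part of the original message and not NetBSD kernel code: the vnode carries only a pointer to a variably sized ACL, the access check consults it, and setting or listing the ACL are separate operations. All names (toy_vnode, toy_access, toy_setacl, toy_getacl) and the rule that an ACL entry overrides the "other" bits are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

#define ACL_R 4
#define ACL_W 2

struct acl_entry { uid_t uid; int perms; };               /* hypothetical entry */
struct acl { size_t count; struct acl_entry entries[]; }; /* variably sized */
struct toy_vnode {                 /* hypothetical, not the NetBSD struct vnode */
    uid_t owner;
    int owner_perms, other_perms;  /* classic mode bits */
    struct acl *acl;               /* NULL = no ACL; fixed one-pointer cost */
};

/* Access decision only, the role VOP_ACCESS() plays in the thread. */
int toy_access(const struct toy_vnode *vp, uid_t uid, int want) {
    if (uid == vp->owner) return (vp->owner_perms & want) == want ? 0 : EACCES;
    int have = vp->other_perms;
    for (size_t i = 0; vp->acl != NULL && i < vp->acl->count; i++)
        if (vp->acl->entries[i].uid == uid) { have = vp->acl->entries[i].perms; break; }
    return (have & want) == want ? 0 : EACCES;
}

/* Manipulation is a separate operation with its own permission check. */
int toy_setacl(struct toy_vnode *vp, uid_t caller, const struct acl_entry *e, size_t n) {
    struct acl *a = NULL;
    if (caller != 0 && caller != vp->owner) return EPERM;
    if (n > (SIZE_MAX - sizeof(*a)) / sizeof(*e)) return EINVAL; /* size overflow */
    if (n > 0) {
        if ((a = malloc(sizeof(*a) + n * sizeof(*e))) == NULL) return ENOMEM;
        a->count = n;
        memcpy(a->entries, e, n * sizeof(*e));
    }
    free(vp->acl);   /* swap in the new ACL; n == 0 removes it */
    vp->acl = a;
    return 0;
}

/* Listing copies entries out to the caller; ERANGE reports the needed count. */
int toy_getacl(const struct toy_vnode *vp, struct acl_entry *out, size_t cap, size_t *n) {
    *n = vp->acl != NULL ? vp->acl->count : 0;
    if (*n > cap) return ERANGE;
    if (*n > 0) memcpy(out, vp->acl->entries, *n * sizeof(*out));
    return 0;
}
```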