tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Vnode scope
On Tue, May 12, 2009 at 04:22:55AM +0300, Elad Efrat wrote:
> Well, that's half true, and I've stated this as a shortcoming of my
> proposal. However, keep in mind that we don't have NFSv4 (yet), nor
> UFS extended attributes are getting used (I'm willing to bet that
> nobody is using NetBSD with ACLs in extattrs). Can't comment on what
> sort of access control AFS provides, but I'm pretty sure that if NTFS
> had ACL support it would not be listed as the last item in its TODO
> list along with a comment that states "though usefullness of such
> feature is arguable".
These are all things we *should* have, and rearchitecting the system
so they won't work is not a step in the right direction.
> I'm not aware of the complete details of what the parties who
> discussed this idea decided, but I will point out that people expect a
> way to write code that goes like "if (this_is_allowed) { do_it(); }",
> and taking that a way is a serious regression (think TOCTOU races).
Yes, that's the point. The intent is to move a lot more locking
operations inside the FSes and out of VFS code; the associated access
checks need to be done inside the lock scope and therefore would need
to be in the FS.
--
David A. Holland
dholland%netbsd.org@localhost
Home |
Main Index |
Thread Index |
Old Index