ACLtorture and code checking tool

Andrew Bartlett abartlet at samba.org
Fri Jun 17 10:25:20 GMT 2005


On Fri, 2005-06-17 at 11:42 +0200, Christoph Klein wrote:
> Hi Jerry,
> On Thu, Jun 16, 2005 at 02:40:24PM -0500, Gerald (Jerry) Carter wrote:
> > Chris, do you mean implementation a new ACL model for an existing
> > Linux filesystem ?  Or do you mean implementing a new mapping
> > of Windows ACLs onto file system acls?
> No, IMHO the posix_acl code within samba does the best it can to map
> between the worlds. But i think that a lot of people have more
> complicated setups, and need finer grained rights. And to compete as a
> fileserver with windows a windowish ACL model is a must. Thats why i
> want to implement this new system. I plan to write a lsm module module
> to have the kernel code fs independent.

See the ntacl-lsm module in lorikeet.  This is how we are trying to
handle this in Samba4.  I'm told we need some more kernel-side hooks
however.

Talk to tpot about it, and how it can be finished off.  It will be good
to see this area moving again!

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.        http://suse.de
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050617/03e72b4d/attachment.bin


More information about the samba-technical mailing list