[nfsv4] Windows/NFSv4 ACL interoperability

Yoder, Alan agy at netapp.com
Tue Mar 28 06:46:46 GMT 2006

I'd guess that these threads also prove that POSIX ACLs 
are "not usable or easily understood even by people with 
research degrees in computer science." 

Your assertion regarding usable security--which I agree 
with at the philosophical level--is tough to validate by 
looking at market acceptance of the alternatives.


Alan G. Yoder                                    agy at netapp.com
Technical Staff                           
Network Appliance, Inc.                            408-822-6919

> -----Original Message-----
> From: Jeremy Allison [mailto:jra at samba.org] 
> Sent: Monday, March 27, 2006 5:44 PM
> To: J. Bruce Fields; Yoder, Alan; Gardere_Daniel at emc.com; 
> samba-technical at lists.samba.org; nfsv4 at ietf.org; 
> Roche_Francois at emc.com
> Subject: Re: [nfsv4] Windows/NFSv4 ACL interoperability
> On Mon, Mar 27, 2006 at 06:10:28PM -0600, Nicolas Williams wrote:
> > The Windows ordering is done in the GUI/libraries, not in 
> the kernel.
> > 
> > Cygwin has exploited this in the past to emulate POSIX 
> modes much as one
> > might use this to emulate POSIX Draft ACLs.
> > 
> > > So the problem is just with stuff like a posix user 
> setting a bunch of
> > > long carefully crafted ACLs and then a Windows user not 
> being able to
> > > read them and blowing them away in an attempt to modify them.
> > > 
> > > To a certain extent that kind of problem may be 
> unavoidable.  But we may
> > > have some control over how common it is and how 
> gracefully we fail.
> > 
> > I agree.  The right solution is to move away from POSIX Draft ACLs.
> I disagree. POSIX draft ACLs are the right level of complexity for
> administrators to handle, and the Gnome and KDE GUI's are starting
> to be able to handle them. Windows ACLs are completely overdesigned
> and (as these threads adequately prove), not usable or easily 
> understood
> even by people with research degrees in computer science.
> In terms of *usable* security (which IMHO is the only kind 
> that matters
> in the real world) POSIX ACLs are far superiour to Windows/NFSv4 ACLs.
> Jeremy.

More information about the samba-technical mailing list