PROPOSAL: extend UNIX_INFO2 to mark existence of ACLs

Christopher R. Hertel crh at ubiqx.mn.org
Fri Jan 25 03:57:08 GMT 2008 

George,

I don't think that they're "arguments", per. se.  We're just trying to get a
handle on what James is suggesting and how it might interact with other file
systems.

There are several flavors of ACL and a lot of schemes for mapping settings
from one type to another.  MacOS, for instance, uses a POSIX-style API to
access and control ACLs with settings that are similar to Windows ACLs.  I
know of at least one file system that keeps both POSIX permission bits (not
full ACLs) *and* Windows security descriptors.

Again, we're just trying to get a handle on it.

Chris -)-----

George Colley wrote:
> Man I didn't think things would get this crazy. I have a little reading
> to do before comment further, but really all we want was for a client to
> know if the posix modes were the only security on the file. I would
> prefer only going across the wire to get the acl if one exits. Let me
> read the whole thread and see if I can figure out all the arguments.
> 
> George
> On Jan 23, 2008, at 10:19 AM, Christopher R. Hertel wrote:
> 
>> I have been reading those papers recently, and have tried pinging him
>> once
>> or twice.  I haven't heard back.
>>
>> Steve French wrote:
>>> Possibly useful background, Andreas's paper from a few years ago
>>> describes some of the issues involved with mode bits, POSIX ACLs, CIFS
>>> and NFSv4 ACLs:
>>>
>>> http://www.suse.de/~agruen/acl/linux-acls/online/
>>>
>>> and a more recent paper on NFSv4 ACLs and Linux
>>> http://www.suse.de/~agruen/agruen-nfs4acl.pdf
>>>
>>> Does anyone know what ever happened with the per-mount permission model
>>> he suggested:
>>> http://www.suse.de/~agruen/permission-models.pdf
>>>
>>
>> --"Implementing CIFS - the Common Internet FileSystem"    ISBN:
>> 013047116X
>> Samba Team -- http://www.samba.org/    -)-----     Christopher R. Hertel
>> jCIFS Team -- http://jcifs.samba.org/  -)-----  ubiqx development, uninq
>> ubiqx Team -- http://www.ubiqx.org/    -)-----          crh at ubiqx.mn.org
>> OnLineBook -- http://ubiqx.org/cifs/   -)-----             crh at ubiqx.org
> 

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the samba-technical mailing list