With all the recent discussion about ACLs and Linux on
linux-kernel, I was wondering why the ACL implementations
for Linux are based off the withdrawn POSIX 1003.1e draft
17?
Is there any particular reason why this was chosen for
the basis for the Linux ACL system, besides the fact
that its what everybody else did? (It is a only a
withdrawn draft after all, there's no reason to actually
follow it...)
Wouldn't a more flexible solution, perhaps one based on
the NFSv4 ACL design[1] be better?
Because the NFSv4 design is in effect a superset of the
POSIX 1003.1e draft functionality, all Unix filesystems
with ACLs could be easily supported by the Linux VFS, and
the task of implementing NFSv4, NTFS, and SMB would be
made easier[2] because of it.
Thanks, Nicholas
[1] Actually, it was the Windows NT/2000/XP design first...
[2] The VFS would still need some means of mapping the SIDs
used by SMB and NTFS and the UTF-8 strings used by NFSv4 to
usable uid_t's and gid_t's, but at least the ACLs would be
easy.
Nicholas Miell writes:
> With all the recent discussion about ACLs and Linux on
> linux-kernel, I was wondering why the ACL implementations
> for Linux are based off the withdrawn POSIX 1003.1e draft
> 17?
As a group, we are short-sighted herd followers.
> Is there any particular reason why this was chosen for
> the basis for the Linux ACL system, besides the fact
> that its what everybody else did? (It is a only a
> withdrawn draft after all, there's no reason to actually
> follow it...)
>
> Wouldn't a more flexible solution, perhaps one based on
> the NFSv4 ACL design[1] be better?
Of course it would be better, but then we'd all argue over
the details. (compatibility, API, user interface...)
> Because the NFSv4 design is in effect a superset of the
> POSIX 1003.1e draft functionality, all Unix filesystems
> with ACLs could be easily supported by the Linux VFS, and
> the task of implementing NFSv4, NTFS, and SMB would be
> made easier[2] because of it.
Sure. Problem is, few have seen NFSv4 ACLs. There is also a
prejudice against anything that even remotely resembles NT,
never minding if it is better or is what businesses want.