Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Thu, 31 Oct 2002 11:58:22 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Thu, 31 Oct 2002 11:58:19 -0500 Received: from relay.snowman.net ([63.80.4.38]:33029 "EHLO relay.snowman.net") by vger.kernel.org with ESMTP id ; Thu, 31 Oct 2002 11:58:15 -0500 Date: Thu, 31 Oct 2002 12:04:36 -0500 From: Stephen Frost To: Oliver Xymoron Cc: Alexander Viro , Linus Torvalds , Rusty Russell , linux-kernel@vger.kernel.org Subject: Re: What's left over. Message-ID: <20021031170435.GS15886@ns> Mail-Followup-To: Oliver Xymoron , Alexander Viro , Linus Torvalds , Rusty Russell , linux-kernel@vger.kernel.org References: <20021031163650.GC25906@waste.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="UJL6Ehwkp4s1typS" Content-Disposition: inline In-Reply-To: <20021031163650.GC25906@waste.org> User-Agent: Mutt/1.4i X-Editor: Vim http://www.vim.org/ X-Info: http://www.snowman.net X-Operating-System: Linux/2.4.18 (i686) X-Uptime: 11:58:56 up 88 days, 19:34, 12 users, load average: 0.08, 0.07, 0.08 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1908 Lines: 50 --UJL6Ehwkp4s1typS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Oliver Xymoron (oxymoron@waste.org) wrote: > On Wed, Oct 30, 2002 at 09:43:29PM -0500, Alexander Viro wrote: > > Because People Are Stupid(tm). Because it's cheaper to put "ACL suppor= t: yes" > > in the feature list under "Security" than to make sure than userland ca= n cope > > with anything more complex than "Me Og. Og see directory. Directory = Og's. > > Nobody change it". C.f. snake oil, P.T.Barnum and esp. LSM users >=20 > It's nearly useless in a Unix-only context, true, however there's a rather > serious impedance mismatch for serving files to Windows that this > addresses. Emulating ACLs on the fly with groups to fit into the > Windows model is mostly doable but ain't pretty.=20 It's only nearly useless if you have some desire as an admin to constantly be creating groups and changing group lists for users. This is not a feature which is useful only when serving files to Windows machines, not even nearly. AFS, Solaris, Irix etc have support for ACLs and have a great deal of people who use them. The simple yet common situation of one user who wants to give even just read access to another specific user for a given file is a pain in the ass to deal with given the current structure. Stephen --UJL6Ehwkp4s1typS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE9wWKjrzgMPqB3kigRAvf9AKCXKZ7bLf1zaFkV+j9/kgc3+aah3ACeMthi dmHh2saMe6wcSc/3rAwhe4M= =2B7r -----END PGP SIGNATURE----- --UJL6Ehwkp4s1typS-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/