Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965146AbVJEMhE (ORCPT ); Wed, 5 Oct 2005 08:37:04 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S965153AbVJEMhE (ORCPT ); Wed, 5 Oct 2005 08:37:04 -0400 Received: from free.hands.com ([83.142.228.128]:9384 "EHLO free.hands.com") by vger.kernel.org with ESMTP id S965146AbVJEMhB (ORCPT ); Wed, 5 Oct 2005 08:37:01 -0400 Date: Wed, 5 Oct 2005 13:36:46 +0100 From: Luke Kenneth Casson Leighton To: Nikita Danilov Cc: Marc Perkel , linux-kernel@vger.kernel.org Subject: Re: what's next for the linux kernel? Message-ID: <20051005123646.GY10538@lkcl.net> References: <20051002204703.GG6290@lkcl.net> <4342DC4D.8090908@perkel.com> <200510050122.39307.dhazelton@enter.net> <4343694F.5000709@perkel.com> <17219.39868.493728.141642@gargle.gargle.HOWL> <20051005095653.GK10538@lkcl.net> <17219.43860.610103.628963@gargle.gargle.HOWL> <20051005111305.GS10538@lkcl.net> <17219.50271.962920.26612@gargle.gargle.HOWL> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <17219.50271.962920.26612@gargle.gargle.HOWL> User-Agent: Mutt/1.5.5.1+cvs20040105i X-hands-com-MailScanner: Found to be clean X-MailScanner-From: lkcl@lkcl.net Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1452 Lines: 49 On Wed, Oct 05, 2005 at 04:17:35PM +0400, Nikita Danilov wrote: > Luke Kenneth Casson Leighton writes: > > [...] > > > > That's exactly the point: Unix file system model is more flexible than > > > alternatives. > > > > *grin*. sorry - i have to disagree with you (but see below). > > > > i was called in to help a friend of mine at EDS to do a bastion sftp > > server to write some selinux policy files because POSIX filepermissions > > could not fulfil the requirements. > > First, I was talking about flexibility attained through the separation > of notions of file and index. oh, right. > You just claimed elsewhere that this is > the direction ntfs took with a leap of a few steps, possibly: certainly directly i don't remember doing so. > (with the introduction of hard-links). > Then, every security model has its weakness and corner cases. Try to > express > > rw-r-xrw- (0656) > > POSIX bits with canonical NT ACLs (hint: in NT allow-ACEs are > accumulated). they used not to be. accumulative inherited ACLs were introduced in NT 5.0. and is accumulated ACLs such a bad thing? it's certainly more space-efficient and administrative-efficient. l. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/