Hi, On Mon, Feb 04, 2002 at 06:40:53PM -0500, Darrell McGuire wrote: > I was wondering if there was any talk regarding the possible inclusion > into either kernel 2.4.x or 2.5.x of a general and standard ACL > interface for file system security. I've used the ACL patch from > acl.bestbits.at on ext3 & love it dearly except for the quota issues. > Despite those issues I absolutely could not live without ACL's > on large file servers with a few hundred or thousand users. > > I understand and respect the fact that the ext3 team doubtless has many > other concerns, and I am able to make due with kernel patches fine. > I am interested more in long range plans; perhaps through a 3 way > convergence > between the Posix ACL team, the XFS team, and the ext3 team. Yes. The bestbits ACL code has major problems as a generic extended attributes mechanism, which is my main concern with the current code. It is fine for ACLs, where many files are expected to share the same set of permissions; but for generic EAs, if each file has a distinct set of EAs then it forces each file to consume a whole block just for the EAs. We need something more space-efficient with EAs before I'd be comfortable with it in the main kernel, and Daniel Phillips has a design scratched out for that. Cheers, Stephen
