2015-09-18 2:56 GMT+02:00 J. Bruce Fields <bfields@xxxxxxxxxxxx>: > On Thu, Sep 17, 2015 at 02:22:19PM -0400, bfields wrote: >> On Sat, Sep 05, 2015 at 12:27:08PM +0200, Andreas Gruenbacher wrote: >> > ACLs are considered equivalent to file modes if they only consist of >> > owner@, group@, and everyone@ entries, the owner@ permissions do not >> > depend on whether the owner is a member in the owning group, and no >> > inheritance flags are set. This test is used to avoid storing richacls >> > if the acl can be computed from the file permission bits. >> >> We're assuming here that it's OK for us to silently rearrange an ACL as >> long as the result is still equivalent (in the sense that the permission >> algorithm would always produce the same result). >> >> I guess that's OK by me, but it might violate user expectations in some >> simple common cases, so may be worth mentioning in documentation >> someplace if we don't already. > > Also your notion of mode-equivalence here is interesting, it's actually > a strict subset of the ACLs that produce the same permission results as > a mode. (For example, everyone:rwx,bfields:rwx is equivalent to 0777 > but won't be considered mode-equivalent by this algorithm.) Yes, the algorithm should better not surprise the user by being too clever. > I think the choices you've made probably make the most sense, they just > wouldn't have been obvious to me. Anyway, so, OK by me: > > Reviewed-by: J. Bruce Fields <bfields@xxxxxxxxxx> Thanks, Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html