On Tue, Jan 13, 2015 at 06:23:26PM +0100, Andreas Gruenbacher wrote: > On 01/13/2015 05:48 PM, Jeremy Allison wrote: > >My understanding of Christoph's objection (although I'm sure > >he can chime in himself :-) was that he wanted to see POSIX > >ACLs reworked as a mapping on top of RichACLs, so that ultimately > >RichACLs would be the only on-disk format of the EA. > > > >I think that is doable, as I think any POSIX ACL can be represented > >as an underlying RichACL, just not the reverse. > > On of the differences is that permissions in POSIX ACLs do > accumulate, while in NFSv4 and CIFS ACLs, and therefore also > richacls, they do not. So the two models are really not > interchangeable, however annoying that may be. > > For example, with the following POSIX ACL, a non-root process in > group 5001 and 5002 would not be allowed to open f with O_RDWR, only > with O_RDONLY *or* O_WRONLY. > > # file: f > # owner: root > # group: root > user::rw- > group::rw- > group:5001:r-- > group:5002:-w- > mask::rw- > other::--- > > In all the other ACL models, the process would be allowed to open f > with O_RDWR. > > The rationale for this behavior in POSIX ACLs was / is consistency > with how the traditional POSIX file permission model works -- > determine which of the (three) sets of permissions applies to a > process, then check only that set. Really good point, and the one case I'd forgotten about :-). Thanks for pointing it out ! -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
