On Mon, Jan 12, 2015 at 3:06 PM, Andreas Gruenbacher <agruenba@xxxxxxxxxx> wrote: > Hello, > > I would like to discuss the status and next steps for completing > richacl support (http://en.wikipedia.org/wiki/Richacls) in > the vfs, local file systems, nfs, cifs. > > Right now, we don't have kernel support for a file permission > model powerful enough to support both POSIX permissions and > NFSv4 / CIFS access control lists at the same time. As a result, > support for the NFSv4 and CIFS permission models is very limited, > and permission wise, Linux is neither a very good client nor > server to other systems. For example, the permission to only > append to a file or to take ownership of a file cannot be > represented. When files are copied across systems, file > permissions change or are lost. I strongly am interested in this topic, and the related topic of whether any of the more recent extensions to the SMB3 ACL model ("DAC", to allow richer ACL semantics, and "claims based ACLs") should be visible to the kernel or whether it is adequate to enforce only in user space (in Samba and presumably Apache). -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
