Hi,
On Mon, Feb 04, 2002 at 06:40:53PM -0500, Darrell McGuire wrote:
> I was wondering if there was any talk regarding the possible inclusion
> into either kernel 2.4.x or 2.5.x of a general and standard ACL
> interface for file system security. I've used the ACL patch from
> acl.bestbits.at on ext3 & love it dearly except for the quota issues.
> Despite those issues I absolutely could not live without ACL's
> on large file servers with a few hundred or thousand users.
>
> I understand and respect the fact that the ext3 team doubtless has many
> other concerns, and I am able to make due with kernel patches fine.
> I am interested more in long range plans; perhaps through a 3 way
> convergence
> between the Posix ACL team, the XFS team, and the ext3 team.
Yes. The bestbits ACL code has major problems as a generic extended
attributes mechanism, which is my main concern with the current code.
It is fine for ACLs, where many files are expected to share the same
set of permissions; but for generic EAs, if each file has a distinct
set of EAs then it forces each file to consume a whole block just for
the EAs. We need something more space-efficient with EAs before I'd
be comfortable with it in the main kernel, and Daniel Phillips has a
design scratched out for that.
Cheers,
Stephen