Date: Fri, 28 Jul 2000 16:39:23 +0200
From: Xuan Baldauf <xuan--reiserfs@baldauf.org>
> and I open the file "stupid", I don't have to either traverse all of the
> directories down to the pathname, and I don't have to do any permissions
> checks in all of the parent directories of the cwd.
For inheriting ACLs, you do not have to traverse all the path components
either, because you can use your cached resolved ACLs for your cwd
".../really", can't you?
In order handle stuff like ../../bill/gates/sucks, you have to cache the
ACL's at a per-directory level, and not fully resolved. (Or you could
do both, but now you're talking memory bloat issues). And of course, if
you do all of this cacheing, the moemnt you want to change an ACL, you
have to go all over the place invalidiating caches.
This becomes particularly disastrous over networked filesystems, since
you have to send all of these invalidates over the network.
Fortunately, as I said, NFSv4 eschews dynamic inheritance. (They
specifically state that inheritance only applies to newly created files,
and not to existing files. At this point, it's basically the standards
Multics's per-directory default creation ACL, which is assigned to all
new files created in that directory.)
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:27 EST