Alex Belits wrote:
> On Mon, 7 Sep 1998, Feuer wrote:
>
> > Seems to me that user-manageable groups would not eliminate the need for ACLs,
> > but that it does complement them, allowing additional flexibility and ease of
> > use. ACL=access control list, right?
>
> In theory user-manageable groups can provide the complete equivalent for
> ACLs, however there will be as many groups as different sets of
> users/permissions in ACL, so even though in real situations reasonably low
> number of them will be kept, there can be situations where ACLs will
> require less resources than a set of groups. Currently there is a rather
> low limit for the total number of groups, user can be in, and it may be
> possible to change that to support ACL-like things in "classic" user/group
> model.
>
> > Another question: what reads /etc/group? Is it the kernel or something else?
>
> getgrent(3),setgrent(3),endgrent(3),getgrnam(3),getgrgid(3), and most
> important, initgroups(3). As you can see, all of them are library
> routines.
>
> Supporting ACL or changing the maximum number of groups in
> simultaneously used set (and dealing with performance issues, associated
> with both) is related to kernel, however userspace utilities to manage
> ACLs or large groups sets are not.
>
> --
> Alex
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/faq.html