> The problem is that different, already established filesystems: AFS,
> Coda, NTFS, etc., all have different ACL semantics. For example, AFS
> only has an ACL on a per-directory basis. I'm not sure about Coda, but
> it may be the same as AFS. NTFS uses 128 bit UUID's in its ACL's to
> name users and groups. The POSIX acl interface uses uid_t and gid_t for
> user and group id's.
>
> So it would be *nice* to do this, but there's quite a lot of design work
> to make the interfaces similar enough that a single interface could be
> used at both the UI and system call level. I won't say that it's
> impossible, but it's definitely non-trivial.
Not to mention that auditing a system using ACLs for security is much*
more difficult. And that such a system would break all mature UNIX
tools' notions of what is secure. ACLs tend to be an answer for people who
are asking the wrong question anyway.
-- "Love the dolphins," she advised him. "Write by W.A.S.T.E.."
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/