[ACL-Devel] Re: OT: ACLs for Linux
Linda Walsh
law@sgi.com
Wed, 12 Apr 2000 10:44:37 -0700
Andreas,
If we reserved 48 bytes for CAPs (up to 128 CAPs reserved), and 256 for
MAC, would that work for you in your scheme? I was incorrect in stating IRIX
MACs took 1002 bytes -- the 250 number is shared between Divisions and Categories.
So if we went with 256 bytes reserved for MAC, that should allow around 120 shared
Cat/Div's.
Soooo. Maybe in your header file you can increase the space for CAP's
to 48 bytes, and instead of an #if 0 struct mac {}, you can have a char mac_reserve[256];
and follow that by ACL's, I'd say we'd be set for the immediate future.
Going with shared blocks is fine for now....i.e. -- if it doesn't work out,
the code could be changed to alloc 1 block/file later on. Basically all of the
attr blocks are Copy-On-Write -- i.e. if anything changes on a file (CAP, MAC or ACL)
we'll probably need a new attr block (unless a matching one just happens to be
in the cache).
Is it worth it to store CRC's for the past 100 or past 1000 attr blocks
accessed so if we have a matching CRC we could see if any of the attr blocks in
our 'recently accessed' list match and maybe check the block on disk? Just
a thought -- probably not an efficient time/space trade-off...
-l
--
Linda A Walsh | Trust Technology, Core Linux, SGI
law@sgi.com | Voice: (650) 933-5338
-------------------------------------------------------------------------
Linux ACL Developers List --- http://acl.bestbits.at/acl-devel/
To unsubscribe, send a message with `unsubscribe acl-devel'
in the message body to majordomo@bestbits.at.
-------------------------------------------------------------------------