[ACL-Devel] Question of the week (mainstream kernel?)

Andreas Gruenbacher a.gruenbacher@bestbits.at
Sat, 15 Apr 2000 14:29:12 +0200 

[Vyacheslav: I cc you this message since I've been asked to comment on
Trustees.]


Jean-Eric Cuendet wrote:
> 
> Hi,
> Just my question of the week:
> When will ACLs be in the mainstream kernel?

No plans so far. We're not yet good enough  :-)

If you want to speed up things, maybe you want to start implementing the
property storage facility we have recently been talking about. With a little
more discussion, we could arrive at a good design. Maybe you also want to test
the latest ACC code and help by reporting/fixing errors.

I'm afraid I won't be able to work on the code for the next two or so months, so
unless somebody else spends some time on it, nothing will happen for a while.

> Do you already have contacts with Linus?

No, the right people are Steven Tweedie (ext2) and Al Viro (VFS).

Unfortunately, ACLs and the other POSIX.1e mechanisms are not a very hot topic
among the core developers it seems.

> I think that ACLs are VERY important for enterprise-Linux

So do I. In fact a commercial (kind of) application made me implement them in
the first place.

> And what do you think of the Trustees project?

Not too much. I've discussed the differences between the two approaches with
Vyacheslav (the author or Trustees). Some of the problems I have with the
project are:

- Trustees are associated with paths, not inodes. YOu can have different
permissions on files, depending on where you came from. This IMHO is not very
UNIX-like.

- Only root can set trustees. This can only be overcome with a SUID root binary.
ACLs allow users (like group managers) to manage the permissions on files of
their group.

- Trustees are Linux specific. I'm not really so much interested in Linux-only
solutions. ACLs are available on other *NIXes.


Andreas

------------------------------------------------------------------------
 Andreas Gruenbacher, a.gruenbacher@computer.org
 Contact information: http://www.bestbits.at/~ag/
-------------------------------------------------------------------------
Linux ACL Developers List ---  http://acl.bestbits.at/acl-devel/

To unsubscribe, send a message with `unsubscribe acl-devel'
in the message body to majordomo@bestbits.at.
-------------------------------------------------------------------------