ACL permission definitions
Chris Faulhaber
jedgar at fxp.org
Tue Apr 10 10:47:16 GMT 2001
On Tue, Apr 10, 2001 at 12:09:31AM -0400, Robert Watson wrote:
>
> On Mon, 9 Apr 2001, Chris Faulhaber wrote:
>
> > Finally, we still need ACL_UNDEFINED_TAG and ACL_UNDEFINED_ID
> > definitions to complete the list.
>
> The idea of using VNOVAL (-1) is tempting, as it's already a reserved
> value in VFS. However, handling of VNOVAL is fairly buggy due to nasty
> interactions in vop_getattr and vop_setattr with reserved numbers
> (something that affected NFS until NFSv3). Are these values that will be
> seen by applications using the interface, seen by the implementation (in
> particular, the kernel), or both?
>
They are application-level only. The only place they are used is
in acl_create_entry() for denoting initial values in the acl entry
and their use in the kernel would be undefined[sic].
> > I have a patch at http://www.fxp.org/jedgar/FreeBSD/acl_fixes.diff that
> > corrects ACL_PERM_*, adds ACL_(FIRST|NEXT)_ENTRY, ACL_UNDEFINED_TAG, and
> > ACL_UNDEFINED_ID. Work is underway to finish the external/internal acl
> > representation so acl_get_entry() can be completed. Comments/concerns
> > are appreciated.
>
> The patch looks good to me, although I haven't done a test compile.
>
world compiles fine with this; unfortunately, the patch does not cover
the kernel :/ New patch this evening...
--
Chris D. Faulhaber - jedgar at fxp.org - jedgar at FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve - http://www.FreeBSD.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/trustedbsd-discuss/attachments/20010410/1694b1b3/attachment.bin
More information about the trustedbsd-discuss
mailing list