File System ACLs: Where to go from here in FreeBSD? (fwd)

Robert Watson rwatson at FreeBSD.org
Tue Sep 20 22:43:27 GMT 2005 

FYI.



Robert N M Watson

---------- Forwarded message ----------
Date: Tue, 20 Sep 2005 17:46:12 -0400
From: Allen <bsdlists at rfnj.org>
To: freebsd-security at freebsd.org
Subject: Re: File System ACLs: Where to go from here in FreeBSD?

Long message, excuse the butcher job.

On Sat, September 17, 2005 08:19, Robert Watson wrote:

> (b) We can consider a migration to NT/NFSv4-style ACLs, which is the route
>      that Darwin has taken.  They use the FreeBSD user space ACL library
>      and POSIX.1e interfaces, but use ACLs with more NT-like semantics.
>      In particular, they have notions of taking ownership, slightly finer
>      grained directory controls, etc.  This is a lot of work.
> Option (b) is an interesting new choice as compared to 1999, when NTFS
> ACLs were in the distinct minority in terms of the syntax and semantics
> they offered.  However, they become much more appealing if we consider
> that there appears to be a much clearer mapping from NTFS ACLs to NFSv4
> ACLs than there is from POSIX.1e ACLs to NFSv4 ACLs.  And the fact that
> Mike Smith at Apple has taken the time to make it sit behind our library
> for the Darwin implementation on HFS+, etc, is also quite interesting.
> When I implemented the library, it was my hope that it would support that
> sort of thing, but we never actually tried :-).
> If we don't start considering a move to Darwin/NTFS ACLs, then we run into
> a problem when it comes to implementing NFSv4 ACLs: the mapping and
> behavior is rather poor and unclear.

 From a personal standpoint, going the Darwin/NFSv4/NTFS path is more desirable 
to me simply because most of the networks I work on are BSD+NT networks.  Since 
I have no Solaris, Linux, or OSX boxes on them and don't use NFS, I'm happy as 
long as SMB support continues to get better, so either way isn't of a great 
deal of concern to me.

My question is, given that mapping NFSv4 onto the existing POSIX structure is 
possibly ambiguous, is the reverse also true?  With NTFS giving finer grained 
control, and the implication in your writing that mapping NFSv4 onto 
Darwin/NTFS is trivial in comparison, is it possible to make the native mode 
Darwin/NTFS compatible and then map the POSIX side onto that?

My very informal investigation of POSIX.1e leads me to believe that 
implementation on a system with NTFS style ACLs and features would be trivial 
compared to the reverse; Adding POSIX.1e to NT for example strikes me as fairly 
easy.

It's also of passing interest that POSIX.1e never became a "true" POSIX 
standard, is incomplete, and has been abandoned by IEEE;  Down that road lies 
even more cross-platform interoperability and compatibility problems I would 
imagine, if parts of the draft are open to interpretation. 
_______________________________________________
freebsd-security at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message

More information about the trustedbsd-discuss mailing list