On Wed, 10 Feb 1999 14:17:35 -0800 (PST), Santos Halpar
<sjhalpar@yahoo.com> said:
> Stephen Tweedie <sct@redhat.com> wrote:
>> On Tue, 9 Feb 1999 13:31:14 +0100 (CET), MOLNAR Ingo
>> <mingo@chiara.csoma.elte.hu> said:
> [SNIP]
>>> together with all the other upcoming 2.3 features (ACLs, trees,
>>> compression, etc.) it will be significantly different from
>>> 'classic' ext2fs
> Probably off-topic for linux-raid, so I'm moving it over to
> linux-kernel,(is there an ext2 mailing list?) but I've seen
> Stephen talking about ACLs a few times recently -- what's the
> status of getting ext2 support for capabilities in the early
> 2.3.x series? Is this going to be done in the ACL patches[1],
> or is there plan to do it at a higher level (VFS)?
There needs to be VFS support, but the fact is that different existing
filesystems already have different security mechanisms (think about
AFS+kerberos, for example), so we need to leave as much of the policy
as possible to the individual filesystems.
Given that in a secure configuration we'll be doing an ACL lookup for
every executable file anyway, it would make sense to keep the
capabilities in the same structures as the ACLs on disk.
--Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/