Jordan Brown wrote:
6923083 ZFS/NFS/SMB ACL interoperability changes

In ZFS, all access control is through access control lists. There are no traditional UNIX permissions stored; UNIX permissions are synthesized when needed by processing the access control lists. Before build 139, that algorithm considered only "current owner" and "current group" entries when synthesizing traditional UNIX permissions. That often resulted in permissions that looked like "---------" even when the owner of the file had full access, because that access was granted explicitly to that user rather than to "the current owner". Starting in build 139, access control entries that refer specifically to the user who happens to own the file are also considered. Note: Since the actual access control checks use the access control list, these "bad" permissions reports largely did not affect access; they just worried humans looking at them. (Again, similar comments apply to "current group".)

I should note that that CR addressed a number of improvements in the treatment of ACLs; this is only one of the things that it changed.

cifs-discuss mailing list

Reply via email to