At Tue, 25 Oct 2005 09:14:53 +0200, ness wrote: > > Jonathan S. Shapiro wrote: > > On Mon, 2005-10-24 at 21:09 +0200, Alfred M. Szmidt wrote: > > > >> 1. Why do we need *another* POSIX OS? What real value can it > >> provide? > >> > >>Because rewriting the 300 something GNU projects is not realistic. > > > > > > This is an argument for a compatibility layer. Perhaps for more than > > one. It is not an argument for recreating POSIX as a core system. > > > When I said > > Yes. One of our aimes is to build a unix replacing OS. > I tried to point to this compatibility layer. Of course we use > capabilities in the core, but the POSIX layer has to support acl based > access control.
I'm not convinced that we have to support ACLs. I think the question needs to be asked: how many applications rely of ACLs? Many applications just open files and read and write some bytes. For these applications, the fact that access is granted based on an ACL, a capability or something else is immaterial: if open succeeds and returns a file descriptor to the named file then all is well. I think that the first question we should ask is: what applications do we *want* that require ACLs? Having identified these, the next question should be: is their dependency on ACLs an implementation issue or a functionality issue? That is, can the implementation be changed to avoid using ACLs without the loss of important functionality? If the answer is no, then the next question to ask is what does functionality does it require and how can be build this on top of capabilities in a confined way? Thanks, Neal _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
