> On Thu, 26 Oct 2000 [EMAIL PROTECTED] wrote:
>
> > For an existing API (which I am not proposing be taken as is) take a look
> > at the xfs man pages here:
> >
> > http://oss.sgi.com/projects/xfs/manpages.html
>
> Sorry, but I think the root namespace is a serious misdesign. The root
> user shouldn't be treated specially at all. In a system that fully
> supports capabilities, it's actually possible for root to have no
> permissions whatsoever. Allowing root to manipulate EAs of files
> effectively makes root omnipotent again (by manipulating the capabilities
> of files, etc.)
ROOT is a bad name for it, being root is not what controls who is
allowed to change it, that is capabaility based. And like I said I
am not proposing this as an interface for linux - but I do want to
see an interface which lets xfs continue to have the two spaces,
changing that is not an option since it involves changing the on
disk format of xfs.
I will let Curtis respond on the root stuff if he wants he did that not me!
>
> However, there should be a separate namespace for system related
> attributes like ACL, CAP, MAC for which the kernel determines whether an
> access is granted or not. No user, ever, is able to override the security
> policy of the kernel in this namespace. Also, the kernel doesn't only rule
> whether an access is granted, but also which values the EA may assume.
Yes, the root name space in irix is where these beasts live, plus a few
other system managed properties such as dmapi information. Getting permission
to manipulate these is tightly controlled. [ Note that people other than
myself are best to argue about security stuff, I'm a filesystem guy. ]
>
> Also, XFS has two separate namespaces. Merging them (and keeping the
> namespace information in a name prefix) would be a good thing as it would
> simplify the interface. Attributes from multiple namespaces would be
> brought into context by their name only. Otherwise, [1342]acl and
> [4742]acl might look very similar, but indeed they would describe entirely
> different things.
This breaks existing XFS filesystems.
>
>
> Here's another manpage pointer to Tru64 "property lists":
> <http://www.tru64unix.compaq.com/faqs/publications/base_doc/DOCUMENTATION/V50
_HTML/MAN/MAN4/0200____.HTM>
>
> And to FreeBSD:
> <http://www.FreeBSD.org/cgi/man.cgi?query=extattr>
>
>
> Thanks,
> Andreas.
>
> ------------------------------------------------------------------------
> Andreas Gruenbacher, [EMAIL PROTECTED]
> Contact information: http://www.bestbits.at/~ag/
>
>
>
-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to [EMAIL PROTECTED]
