Andreas Gruenbacher wrote:
> On Thu, 26 Oct 2000 [EMAIL PROTECTED] wrote:
> > For an existing API (which I am not proposing be taken as is) take a look
> > at the xfs man pages here:
> >
> > http://oss.sgi.com/projects/xfs/manpages.html
>
> Sorry, but I think the root namespace is a serious misdesign. The root
> user shouldn't be treated specially at all. In a system that fully
> supports capabilities, it's actually possible for root to have no
> permissions whatsoever. Allowing root to manipulate EAs of files
> effectively makes root omnipotent again (by manipulating the capabilities
> of files, etc.)
Keep in mind that XFS EA's were designed before ACLs made it into IRIX.
Having said that, I agree with you that the root namespace does not mix
well with ACLs. I like the idea of user, system, and trusted namespaces.
> Also, XFS has two separate namespaces. Merging them (and keeping the
> namespace information in a name prefix) would be a good thing as it would
> simplify the interface. Attributes from multiple namespaces would be
> brought into context by their name only. Otherwise, [1342]acl and
> [4742]acl might look very similar, but indeed they would describe entirely
> different things.
Even though it makes life more difficult, I like the idea of very separate
namespaces for separate types of things. The worst case is when a user
application wants to create an attribute named "foo" but that name has
already been used by a system or trusted entity. Putting error recovery
algorithms inside applications to resolve attribute namespace collisions
is ugly and the API should be set up to avoid them if possible.
Thanks,
Curtis
-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to [EMAIL PROTECTED]
