* Oliver Xymoron (oxymoron@waste.org) wrote:
> On Wed, Oct 30, 2002 at 09:43:29PM -0500, Alexander Viro wrote:
> > Because People Are Stupid(tm). Because it's cheaper to put "ACL suppor=
t: yes"
> > in the feature list under "Security" than to make sure than userland ca=
n cope
> > with anything more complex than "Me Og. Og see directory. Directory =
Og's.
> > Nobody change it". C.f. snake oil, P.T.Barnum and esp. LSM users
>=20
> It's nearly useless in a Unix-only context, true, however there's a rather
> serious impedance mismatch for serving files to Windows that this
> addresses. Emulating ACLs on the fly with groups to fit into the
> Windows model is mostly doable but ain't pretty.=20
It's only nearly useless if you have some desire as an admin to
constantly be creating groups and changing group lists for users. This
is not a feature which is useful only when serving files to Windows
machines, not even nearly. AFS, Solaris, Irix etc have support for ACLs
and have a great deal of people who use them. The simple yet common
situation of one user who wants to give even just read access to
another specific user for a given file is a pain in the ass to deal with
given the current structure.
Stephen
--UJL6Ehwkp4s1typS
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
iD8DBQE9wWKjrzgMPqB3kigRAvf9AKCXKZ7bLf1zaFkV+j9/kgc3+aah3ACeMthi
dmHh2saMe6wcSc/3rAwhe4M=
=2B7r
-----END PGP SIGNATURE-----
--UJL6Ehwkp4s1typS--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/