On Tue, 2022-01-04 at 03:38 +0000, Sam James wrote: > > ACL is kind of similar to what Ionen said for PAM, i.e. sometimes > people may want to turn it off and it makes sense to expose > this option for those who do, but we don't need to try support it. >
This is another important one. It has security implications, is highly confusing, requires kernel support, and is nonstandard as a USE flag and as an implementation. Most people should have it off to avoid surprises, but disabling it in the kernel can make the userland software complain when explicitly built with ACL support.
