Peter Tribble wrote:
On 3/23/07, Mark Shellenbaum <[EMAIL PROTECTED]> wrote:
Peter Tribble wrote:
> What exactly is the POSIX compliance requirement here?
>
The ignoring of a users umask.
Where in POSIX does it specify the interaction of ACLs and a
user's umask?
Let me try and summarize the discussion that took place, a few years ago.
The POSIX ACL draft stated:
p 269: "The process umask is the user's way of specifying security for
newly created objects. It was a goal to preserve this behavior
//unless it is specifically overridden in a default ACL//."
However, that is a withdrawn specification and Solaris is required to
conform to a set of "approved standards".
The main POSIX specification doesn't say anything specific about ACLs,
but rather alternate and additional access control methods.
POSIX gives clear rules for file access permissions based on umask, file
mode bits, additional access control mechanisms, and alternate access
control mechanisms. Most of this is discussed in section 2.3 "General
Concepts".
Since there is nothing in the spec that states that we *can* ignore the
umask, we are therefore forced to honor it. At least until we find a
way to
I will open an RFE to look into alternative ways to work around this issue.
-Mark
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
