On Tue, 2 Mar 2010, Kjetil Torgrim Homme wrote:

> this is true for AUTH_SYS, too, sorry about the bad example.

Technically I suppose the server actually makes the determination about
access, but given it makes it based blindly on whatever the client tells
it, it seems it's really the client with the power.

> doesn't really affect my point.  if you just consider the filemode to be
> the lower bound for access rights, aclmode=passthrough will not give you
> any nasty surprises regardless of what clients do, *and* an ACL-ignorant
> client will get the behaviour it needs and wants.  win-win!

Lose-lose. I don't get to avail of the full potential of expression ACL's
provide, and ACL-ignorant clients will get to screw up the permissions I
specified. Sorry, but on my data, I think the behavior I need and want
should override what some random application wants to do.

> you're not using those, are you?  they are a direct mapping of the old
> style permissions, so it would be pretty weird if they were allowed to
> diverge.

Why wouldn't I use them? They're a defined part of the ACL standard, and
objects continue to have owners and group owners. I have no issue with read
only mode bits being synthesized from the special ACE's and provided to
clients, my issue is having non-ACL aware apps trying to update mode bits
and that being translated into a lossy change to the ACL.

> you made that model.

Thanks for the compliment, but I'm afraid I did not contribute to either
the original implementation of mode bits, nor Windows CIFS ACL's, nor the
RFC for NFSv4 ACL's, nor implementation thereof in ZFS.

Surely you're not arguing that "mode bits" and "ACL's" are not different
security models?

> you don't have to.  just subscribe to the principle of least security,
> and it just works.

I don't want "least security". I want "best security". Again, you're pretty
much saying I wouldn't have a problem if I chose not to have a problem. I'm
not quite sure what your point is. If my car engine caught on fire every
time I exceeded 50 mph, would you say that rather than taking it to the
dealer to get fixed, I should simply never exceed 50 mph?

> nice insult.

It wasn't an insult, it was an objective observation. You have made what I
believe to be factually incorrect claims about how ACL's work and are
implemented.


-- 
Paul B. Henson  |  (909) 979-6361  |  http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst  |  hen...@csupomona.edu
California State Polytechnic University  |  Pomona CA 91768
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
