On Sat, Dec 08, 2001 at 11:17:21PM +0300, Hans Reiser wrote:
> Nathan Scott wrote:
> >In a way there's consensus wrt how to do POSIX ACLs on Linux
> >now, as both the ext2/ext3 and XFS ACL projects will be using
> >the same tools, libraries, etc. In terms of other ACL types,
> >I don't know of anyone actively working on any.
> We are taking a very different approach to EAs (and thus to ACLs) as
> described in brief at www.namesys.com/v4/v4.html. We don't expect
> anyone to take us seriously on it before it works, but silence while
> coding does not equal consensus.;-)
> In essence, we think that if a file can't do what an EA can do, then you
> need to make files able to do more.
We did read through your page awhile ago. It wasn't clear to me
how you were addressing Anton's questions here:
(I couldn't find a reply in the archive, but may have missed it).
We were concentrating on something that could be fs-independent,
so the lack of answers there put us off a bit, and the dependence
on a reiser4() syscall is pretty filesystem-specific too (I guess
if your solution is intended to be a reiserfs-specific one, then
the questions above are meaningless).
I was curious on another thing also - in the section titled
``The Usual Resolution Of These Flaws Is A One-Off Solution'',
talking about security attributes interfaces, your page says:
"Linus said that we can have a system call to use as our
experimental plaything in this. With what I have in mind for the
API, one rather flexible system call is all we want..."
How did you manage to get him to say that? We were flamed for
suggesting a syscall which multiplexed all extended attributes
commands though the one interface (because its semantics were
not clearly defined & it could be extended with new commands,
like ioctl/quotactl/...), and we've also had no luck so far in
getting either our original interface, nor any revised syscall
interfaces (which aren't like that anymore) accepted by Linus.