From mboxrd@z Thu Jan  1 00:00:00 1970
From: Dave Eckhardt <davide+p9@cs.cmu.edu>
Subject: Re: [9fans] fuse bashing
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
In-Reply-To: <43D53D9F.90702@lanl.gov>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <20275.1138167054.1@piper.nectar.cs.cmu.edu>
Date: Wed, 25 Jan 2006 00:30:55 -0500
Message-ID: <20276.1138167055@piper.nectar.cs.cmu.edu>
Topicbox-Message-UUID: e706f5ac-ead0-11e9-9d60-3106f5b1d025

> no ACLs (I'm convinced that the stat and wstat could be trivially
> extended to support this --- 9p2000.acl)

I assume ACL semantics would need to be outside the protocol, but
have you found an ACL system you like?  AFS ACLs are usable but
not "obvious"; DFS (Son of AFS) ACLs are much more complicated
and, I think, hence less usable; Linux ACLs (at least the Red Hat
flavor) couldn't encode some natural-seeming thing my brother
wanted to do--I don't think it's a coincidence that the POSIX
committee came apart before completion.

The part of AFS I like is that every user can define new groups.
Once "owner" and "group" can be arbitrary sets of people, it's
not clear to me that you need more than "owner, group, world".
You can always come up with complicated scenarios, but in my
experience many complicated ACLs are wrong if you look carefully
at them.

Dave Eckhardt