From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <43D79D0D.8000900@lanl.gov>
Date: Wed, 25 Jan 2006 08:45:17 -0700
From: Ronald G Minnich
User-Agent: Mozilla Thunderbird 1.0.7-1.1.fc4 (X11/20050929)
MIME-Version: 1.0
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] fuse bashing
References: <20276.1138167055@piper.nectar.cs.cmu.edu>
In-Reply-To: <20276.1138167055@piper.nectar.cs.cmu.edu>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Topicbox-Message-UUID: e74fb7e2-ead0-11e9-9d60-3106f5b1d025

Dave Eckhardt wrote:
>>no ACLs (I'm convinced that the stat and wstat could be trivially
>>extended to support this --- 9p2000.acl)
>
> I assume ACL semantics would need to be outside the protocol, but
> have you found an ACL system you like?

I'm not so sure it has to be outside the protocol. We've already
extended stat/wstat with .u, and it was not that big a deal. The *stat
packets are a very good design, and I think could be stretched for ACLs.

> The part of AFS I like is that every user can define new groups.
> Once "owner" and "group" can be arbitrary sets of people, it's
> not clear to me that you need more than "owner, group, world".

Data General AOS/VS had a pretty usable ACL scheme. ACLs were simple
sequences of tuples: (re, permission)+ -- IIRC, it's been 24 years, and
I can't find that manual -- so, for example, you might have:

(rminnich,readwrite):(sys+, read):(myfriends, readwrite)

and so on.

In practice, everybody did user, group, world, just with re's instead of
numbers; I think I agree with you. It's too hard to think about much else.

I didn't say people NEED ACLs, they just WANT ACLs. As I used to say to
my kids all the time, "You don't need that, you want that". After about
10 years, they got my point.

ACLs are the new fad, and they're going in, with silly bugs to boot
(ACLs have been NOT fun on linux), and I really doubt in the end we'll
go much beyond user, group, world.

ron
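
The tuple-sequence ACL recalled in the message above, as an added example that is not part of the original message and is not AOS/VS code. It assumes each "re" is a Python regular expression matched against the whole user name, that the first matching entry decides, and that the default is deny; the names parse_acl, allowed and SAMPLE_ACL are hypothetical.

```python
import re

# Assumed permission vocabulary; the message only shows "read" and "readwrite".
PERMS = {"read": {"read"}, "write": {"write"}, "readwrite": {"read", "write"}}

# One "(pattern, permission)" tuple. Patterns may not contain ',', '(' or ')',
# and because entries are split on ':' they may not contain ':' either.
ENTRY = re.compile(r"\(\s*([^,()]+?)\s*,\s*(\w+)\s*\)")

# The ACL string quoted in the message.
SAMPLE_ACL = "(rminnich,readwrite):(sys+, read):(myfriends, readwrite)"


def parse_acl(text):
    """Parse '(pattern, perm):(pattern, perm)...' into an ordered entry list."""
    entries = []
    for part in text.split(":"):
        m = ENTRY.fullmatch(part.strip())
        if m is None or m.group(2) not in PERMS:
            raise ValueError(f"malformed ACL entry: {part!r}")
        try:
            # Compile at parse time so a bad pattern is rejected up front.
            pattern = re.compile(m.group(1))
        except re.error as exc:
            raise ValueError(f"bad pattern in {part!r}: {exc}") from exc
        entries.append((pattern, PERMS[m.group(2)]))
    return entries


def allowed(entries, user, want):
    """Assumed semantics: first entry matching the whole name decides."""
    for pattern, perms in entries:
        # fullmatch, not search: 'rminnich' must not match 'notrminnich'.
        if pattern.fullmatch(user):
            return want in perms
    return False  # no entry matched: default deny


if __name__ == "__main__":
    acl = parse_acl(SAMPLE_ACL)
    for user in ("rminnich", "sys", "syss", "notrminnich", "nobody"):
        print(user, "read:", allowed(acl, user, "read"),
              "write:", allowed(acl, user, "write"))
```

Under first-match evaluation the order of the tuples is part of the policy: a broad pattern placed before a narrower one shadows it.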