[AFS3-std] Per-file ACLs - a few items for discussion
Jeffrey Hutzelman
jhutz@cmu.edu
Mon, 29 Jun 2009 10:42:19 -0400
--On Monday, June 29, 2009 09:52:44 AM -0400 Jeffrey Altman
<jaltman@secure-endpoints.com> wrote:
> Jeffrey Hutzelman wrote:
>> --On Sunday, June 28, 2009 10:41:46 AM -0400 Jeffrey Altman
>> <jaltman@secure-endpoints.com> wrote:
>>
>>> What the OpenAFS Windows client does is actually quite smart. It avoids
>>> a large numbers of FetchStatus calls that are unnecessary because the
>>> relevant access right info for the current user is the same on every
>>> item in the directory. If a callback already exists on an object in
>>> the directory from another user, there is no reason to go obtain another
>>> one just to obtain access rights that are already known.
>>
>> I'm confused. I thought you said the Windows client maintains access
>> cache information on a per-object basis; now you're saying it shares
>> cached access rights among all objects in a directory, just as the
>> UNIX client does. Which is it?
> The Windows client maintains an access cache for all objects. If you a
> FetchStatus call is performed an access cache entry for that object is
> created. However, I forgot/missed that during the access check the
> access cache for the directory object is the only one that is used.
OK; that sounds similar to what the UNIX client does, but without the
VLF_DFSFILESET handling. Too bad.