Site Specific ACL Bits/chown: Was: [OpenAFS-devel] posix chown again

Derrick Brashear shadow@gmail.com
Mon, 8 Dec 2008 18:36:32 -0500 

------=_Part_38273_2998261.1228779392588
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

At risk of receiving a roasting myself, I will say that I have grave
concerns at loading the gun that will enable sites, even ones who may in
fact know what they are doing, to shoot themselves in the foot. You always
do have the option of applying a patch, and it may make sense to make the
build framework we provide able to do that. That doesn't mean every patch
should be included.

In any case, my concerns here include what happens if all servers are not
running the same version, and when a user uses sites which differently bind
ACL bits. I'd rather see a capability, a new RPC which binds a current ACL
bit to a purpose, and, minimum, changes to fs which disallow setting
ABCDEFGH and instead make you tell it something like "chown" where you'd
want this bit set much like "lookup" means "l".

Derrick
with the hat on that means "worried about people hurting themselves",
whichever that one is.

------=_Part_38273_2998261.1228779392588
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

At risk of receiving a roasting myself, I will say that I have grave concerns at loading the gun that will enable sites, even ones who may in fact know what they are doing, to shoot themselves in the foot. You always do have the option of applying a patch, and it may make sense to make the build framework we provide able to do that. That doesn&#39;t mean every patch should be included.<br>
<br>In any case, my concerns here include what happens if all servers are not running the same version, and when a user uses sites which differently bind ACL bits. I&#39;d rather see a capability, a new RPC which binds a current ACL bit to a purpose, and, minimum, changes to fs which disallow setting ABCDEFGH and instead make you tell it something like &quot;chown&quot; where you&#39;d want this bit set much like &quot;lookup&quot; means &quot;l&quot;.<br>
<br>Derrick<br>with the hat on that means &quot;worried about people hurting themselves&quot;, whichever that one is.<br><br>

------=_Part_38273_2998261.1228779392588--