-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Collier-Brown wrote:
| Volker Lendecke wrote:
|> The only real way around this is a
|> user-space implementation of NT acls, but then you lose the unix
|> interoperability.
|
| If groups and wimpy Unix permission bits work now, why would you
| need full NT ACLs? Would not ordinary POSIX ones suffice???

Volker's saying that unless we go to userspace access
checks using the full NT_USER_TOKEN (which is not limited
by the OS), you are out of luck. If we went this way, we might as well
make everything on the file system owned as root and store
in the real NT ACL in EAs.




cheers, jerry


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCLMbfIR7qMdg1EfYRAla5AKCuebzk2ZOm9xMfkAXRpx fyMTePCQCZAWyw
xoD59ageXZdSHLsgUrj+BAw=
=GEGo
-----END PGP SIGNATURE-----