On Tue, Mar 08, 2005 at 09:10:45AM -0500, David Collier-Brown wrote:
> Right now, we have unix permission bits for user,
> group and other, for user, other and a list of groups.
> And it works. We can represent most of the
> access controls that NT does.


No, we can't. Ask Jeremy about mapping Security descriptors to Posix ACLs and
the information loss involved :-)

> So what's wrong with an incremental improvement, from
> permission bits and groups to ACLs which provide
> little more than a fine-grained set of rwx permissions?


The simple fact that the world needs anything but yet-another-acl-model.

We have good support for the limited Posix model, we have good support for AFS
ACLs (see vfs_afsacl.c). When implementing user-space access control I would
*strongly* argue against a new model. Either do Posix ACLs including their
limitations or go all the way down to NT ACLs. BTW, Samba 4 already does NT
ACLs this so there is a model for it available.

Volker