From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jeremy Allison Subject: Re: [Lsf-pc] [LSF/MM ATTEND] Richacls Date: Tue, 13 Jan 2015 13:20:59 -0800 Message-ID: <20150113212059.GF29564@samba2> References: <1626890778.1513173.1421087867777.JavaMail.zimbra@redhat.com> <1137663039.1544780.1421096804147.JavaMail.zimbra@redhat.com> <20150112223016.GB1940@fieldses.org> <20150113101435.GA28924@quack.suse.cz> <54B534C3.3090608@redhat.com> <20150113164802.GA5830@samba2> <54B5548E.5030808@redhat.com> <20150113174029.GA4156@fieldses.org> <20150113210440.GG28924@quack.suse.cz> <20150113211612.GD4156@fieldses.org> Reply-To: Jeremy Allison Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Jan Kara , Andreas Gruenbacher , Jeremy Allison , linux-fsdevel@vger.kernel.org, lsf-pc@lists.linux-foundation.org To: "J. Bruce Fields" Return-path: Received: from fn.samba.org ([216.83.154.106]:43320 "EHLO mail.samba.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751149AbbAMVVD (ORCPT ); Tue, 13 Jan 2015 16:21:03 -0500 Content-Disposition: inline In-Reply-To: <20150113211612.GD4156@fieldses.org> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Tue, Jan 13, 2015 at 04:16:13PM -0500, J. Bruce Fields wrote: > > Right, but look at the case above carefully again--it's *much* more > special than the one the container people hit. > > You can absolutely still represent weird modes like 026 with a Richacl > and it will deny permissions in the traditional way. > > What you can't do is represent the above POSIX ACL. > > This is a case that you can *only* hit with POSIX ACLs (not with mode > bits). And that's because the POSIX ACL is doing something bizarre and > useless that I've never seen any other ACL system do (denying read and > write together when each would be permitted separately). > > Using the usual "if a tree fell in a forest and nobody heard it..." > criterion, I think this change would be unlikely to cause us trouble. Agreed. I scratched my head and simply couln't think of a case where this could affect security of the system - only backwards bug compatibility.