From owner-freebsd-security Sun Mar 14 9:45: 7 1999
Delivered-To: freebsd-security@freebsd.org
Received: from gndrsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.4])
	by hub.freebsd.org (Postfix) with ESMTP id 63A7B14E61
	for ; Sun, 14 Mar 1999 09:44:45 -0800 (PST)
	(envelope-from rgrimes@gndrsh.aac.dev.com)
Received: (from rgrimes@localhost)
	by gndrsh.aac.dev.com (8.8.8/8.8.8) id JAA22396;
	Sun, 14 Mar 1999 09:42:30 -0800 (PST)
	(envelope-from rgrimes)
From: "Rodney W. Grimes"
Message-Id: <199903141742.JAA22396@gndrsh.aac.dev.com>
Subject: Re: ACLs was disapointing security architecture
In-Reply-To: <19990313203902.B1850@austin.rr.com> from Alan Weber at "Mar 13, 99 08:39:02 pm"
To: aaweber@austin.rr.com (Alan Weber)
Date: Sun, 14 Mar 1999 09:42:30 -0800 (PST)
Cc: robert+freebsd@cyrus.watson.org, freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

[Trim old context]
>
> I am not suggesting directory-only ACLs but want the file ACL to point to the
> directory ACL unless explicitly changed on a per file basis. I like the above
> scheme to reuse ACLs as one change can be efficiently propagated to a huge number
> of files versus having to fetch/update every file ACL in a directory hierarchy.
>

Apollo/Aegis and Apollo Domain/OS implemented it something like this,
only I think the ACLs were stored as separate UUID objects and
files/directories had pointers to them. A UUID is kinda like an inode,
but a lot more flexible in what it can do.

They also had a utility known as salacl (salvage ACLs) that would
walk a disk volume for all ACLs and find ones that had the same
values, then collapse all the pointers to a minimum set of ACLs.

In the early days of Apollo/Aegis if you did not run salacl at least
once a week performance really started to suck. Later they improved
the ACL cache code and this became less of a problem unless you were
doing lots of changes to a volume's ACLs.

-- 
Rod Grimes - KD7CAX - (RWG25)                    rgrimes@gndrsh.aac.dev.com
Accurate Automation, Inc.                   Reliable computers for FreeBSD
http://www.aai.dnsmgr.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
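
The scheme discussed in this message, as an added example that is not part of the original mail and is not Apollo or FreeBSD code: ACLs are separate objects, files point at one or fall back to their directory's, and a salacl-style pass collapses ACLs with identical contents. The names Volume, effective_acl and salvage, the hex UUID ids and the sample paths are all assumptions made for illustration.

```python
import posixpath
import uuid

class Volume:
    """Toy volume: ACLs are separate objects; files and directories point at them."""
    def __init__(self):
        self.acls = {}      # acl_id -> frozenset of (principal, rights) entries
        self.acl_ptr = {}   # path -> acl_id, or None to follow the parent directory

    def new_acl(self, entries):
        acl_id = uuid.uuid4().hex           # stand-in for the ACL object's UUID
        self.acls[acl_id] = frozenset(entries)
        return acl_id

    def create(self, path, entries=None):
        # Without an explicit ACL the file uses whatever its directory uses.
        self.acl_ptr[path] = None if entries is None else self.new_acl(entries)

    def effective_acl(self, path):
        # Walk towards the root until a path with its own ACL pointer is found.
        while self.acl_ptr.get(path) is None:
            if path in ("/", ""):
                return frozenset()          # nothing set anywhere: empty ACL
            path = posixpath.dirname(path)
        return self.acls[self.acl_ptr[path]]

    def salvage(self):
        """Collapse ACL objects with equal contents; return the number freed."""
        canonical, remap = {}, {}           # contents -> survivor, old id -> survivor
        for acl_id, entries in self.acls.items():
            remap[acl_id] = canonical.setdefault(entries, acl_id)
        for path, acl_id in self.acl_ptr.items():
            if acl_id is not None:
                self.acl_ptr[path] = remap[acl_id]
        freed = [a for a, keep in remap.items() if a != keep]
        for acl_id in freed:
            del self.acls[acl_id]
        return len(freed)

def demo():
    vol = Volume()                          # constructed sample tree
    vol.create("/", [("root", "rwx")])
    vol.create("/proj", [("alice", "rw"), ("bob", "r")])
    vol.create("/proj/a.c")                                   # follows /proj
    vol.create("/proj/b.c", [("alice", "rw"), ("bob", "r")])  # explicit duplicate
    vol.create("/proj/secret", [("alice", "rw")])
    freed = vol.salvage()                   # b.c now shares /proj's ACL object
    # One edit to the shared object reaches every path that points at it.
    vol.acls[vol.acl_ptr["/proj"]] = frozenset([("alice", "rw")])
    return freed, vol
```

In this model the collapse turns two ACLs that merely had equal contents into one shared object, so the later edit to /proj's ACL also changes /proj/b.c even though its ACL had been set explicitly. A design that needs per-file ACLs to stay independent after a salvage pass would have to copy the object on write.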