Date:      Fri, 26 Nov 1999 20:03:27 -0500 (EST)
From:      Robert Watson <robert@cyrus.watson.org>
To:        Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
Cc:        David Wolfskill <dhw@whistle.com>, security@FreeBSD.ORG
Subject:   ACLs for FreeBSD (was: Re: ps on 4.0-current)
Message-ID:  <Pine.BSF.3.96.991126195402.53729A-100000@fledge.watson.org>
In-Reply-To: <199911261544.KAA60836@khavrinen.lcs.mit.edu>

On Fri, 26 Nov 1999, Garrett Wollman wrote:

> <<On Fri, 26 Nov 1999 10:21:17 -0500 (EST), Robert Watson <robert@cyrus.watson.org> said:
> 
> > The painful thing is getting ACLs into the underlying storage mechanism,
> > not writing kernel ACL support -- I've finished the framework in the
> > kernel, libraries, some userland utilities, and even default evaluation
> > routines for file systems to call.  I just don't want to screw around with
> > FFS storage and soft updates :-).
> 
> I think it would be a Great Thing if this were incorporated into
> -current before the feature freeze (which is coming up RSN).  Even if
> it's not implemented in any file systems yet, it would be good to get
> the API fixed and out in public so that people can write their
> software to it.  It might also be the motivating factor to actually
> getting a filesystem hacker to work on that side of things.

Ok -- I've put online the second pass code at

  http://www.watson.org/fbsd-hardening/posix1e/acl/

It includes vnode interface patches, syscall interface patches + syscall
implementations, some kernel support code, a userland library, and
incomplete userland utilities (getfacl, but no setfacl at this time) and
some userland test code.  It's under a 2-clause BSD-style license, and
currently based on 3.3-RELEASE, although with some simple modifications,
should run under 4.0 just fine.  I don't currently have a 4.0 build
machine around (in DC not in Massachusetts), so haven't tried.

Because this is pretty preliminary, I'm open to questions/comments/etc.
This is after a bit of thought however, so I'd welcome questions about
design choices, but should have fairly legitimate answers for them :-).
The primary goal was to maintain POSIX.1e compliance while also keeping in
mind decent performance and a couple of BSD-isms (possible to have fd's on
directories).

  Robert N M Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services


