(Illustration by Gaich Muramatsu)
Hello, I've got some more insight into access control issue by reading an AFS2 paper (thanks Satya!) and testing Coda behaviour. As I missed these details for several years :) I think it is useful to summarize here. A positive discovery (Jan opened my eyes) was that Coda has some access control on file level, besides the directory-bound acls. The "owner" access bits are actually used, not only stored and retrieved. These bits effectively mask the read and write rights on file-by-file level. The negative side is that this access control is implemented independently and with different semantics than the main acl-based one. - it is enforced by venus on client side, hence does not protect against malicious clients, on a global filesystem it just creates a false feeling of safety ==> is it hard to let the *server* to respect the r- and w- access bits? - the right to change the bits by chmod() for some reason is bound to "w" privilege in acls, not to "a" as would seem logical ==> what is that reason? Note also that though the bits used are the unix "file owner" ones, their function has nothing to do with who is the "file owner". If a bit is set, it does not influence the rights granted by acls. If a bit is unset, it prevents the corresponding access for *all*. Best regards, -- IvanReceived on 2003-04-09 03:48:48