Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 27 Sep 2000 07:23:38 +0000 (GMT)
From:      Terry Lambert <tlambert@primenet.com>
To:        julian@elischer.org (Julian Elischer)
Cc:        rwatson@FreeBSD.ORG (Robert Watson), freebsd-fs@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG, trustedbsd-discuss@TrustedBSD.org
Subject:   Re: VOP_ACCESS() and new VADMIN/VATTRIB?
Message-ID:  <200009270723.AAA20257@usr05.primenet.com>
In-Reply-To: <Pine.BSF.4.10.10009262311160.13148-100000@InterJet.elischer.org> from "Julian Elischer" at Sep 26, 2000 11:12:37 PM
next in thread | previous in thread | raw e-mail | index | archive | help 
Julian Elisher wrote:
> I agree with all you have said here.
> 
> On Tue, 26 Sep 2000, Robert Watson wrote:
> > In general, access control for operations within a file system is
> > determined via a recursive VOP_ACCESS() call on the vnode, vis.
> > 
> > VOP_OPEN(vp, ...) -> ufs_open(vp, ...) -> VOP_ACCESS(vp, ...) ->
> >     ufs_access(vp, ...)
> [...]

Perhaps a better question would be "assuming you generalize
the references cited using the orioised VADMIN, how many
references not using VOP_ACCES() will remain?".

I think the generalization and centralization which took
place are really bad things, since I think administrative
policy is something that I may very well want to set on
_both_ a system basis _and_ on a per-FS basis.

I also think that read-only-ness of an FS is a mount
option having nothing to do with the underlying FS itself.

It seems to me that some of the centralization should, in
fact, be backed out, since it seems that it would preclude
layer recursion in some useful stacking arrangements, much
in the same was a non-NULL VOP did when the "default" layer
was introduced (with no mechanism to provide default
semantics for nely defined VOPs, without a kernel recompile).


					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-fs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009270723.AAA20257>