Date: Wed, 27 Sep 2000 07:23:38 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: julian@elischer.org (Julian Elischer) Cc: rwatson@FreeBSD.ORG (Robert Watson), freebsd-fs@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG, trustedbsd-discuss@TrustedBSD.org Subject: Re: VOP_ACCESS() and new VADMIN/VATTRIB? Message-ID: <200009270723.AAA20257@usr05.primenet.com> In-Reply-To: <Pine.BSF.4.10.10009262311160.13148-100000@InterJet.elischer.org> from "Julian Elischer" at Sep 26, 2000 11:12:37 PM
next in thread | previous in thread | raw e-mail | index | archive | help
Julian Elisher wrote: > I agree with all you have said here. > > On Tue, 26 Sep 2000, Robert Watson wrote: > > In general, access control for operations within a file system is > > determined via a recursive VOP_ACCESS() call on the vnode, vis. > > > > VOP_OPEN(vp, ...) -> ufs_open(vp, ...) -> VOP_ACCESS(vp, ...) -> > > ufs_access(vp, ...) > [...] Perhaps a better question would be "assuming you generalize the references cited using the orioised VADMIN, how many references not using VOP_ACCES() will remain?". I think the generalization and centralization which took place are really bad things, since I think administrative policy is something that I may very well want to set on _both_ a system basis _and_ on a per-FS basis. I also think that read-only-ness of an FS is a mount option having nothing to do with the underlying FS itself. It seems to me that some of the centralization should, in fact, be backed out, since it seems that it would preclude layer recursion in some useful stacking arrangements, much in the same was a non-NULL VOP did when the "default" layer was introduced (with no mechanism to provide default semantics for nely defined VOPs, without a kernel recompile). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009270723.AAA20257>