From owner-freebsd-security Sun Mar 14 1:44:30 1999 Delivered-To: freebsd-security@freebsd.org Received: from alcanet.com.au (border.alcanet.com.au [203.62.196.10]) by hub.freebsd.org (Postfix) with ESMTP id 3F09614E0E for ; Sun, 14 Mar 1999 01:44:26 -0800 (PST) (envelope-from peter.jeremy@auss2.alcatel.com.au) Received: by border.alcanet.com.au id <40323>; Sun, 14 Mar 1999 19:31:50 +1000 Date: Sun, 14 Mar 1999 19:43:57 +1000 From: Peter Jeremy Subject: Re: disapointing security architecture To: freebsd-security@FreeBSD.ORG Message-Id: <99Mar14.193150est.40323@border.alcanet.com.au> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wes Peters wrote: >My suggestion for FreeBSD would be to steal half of the disk direct >blocks in the disk inode for ACL information. The downside of this is that _all_ files between 7 and 12 blocks long (typically 48-96KB) will then need an indirect block - adding an extra block to its size (additional indirect blocks are needed for other sizes as well, but this first one is the biggest relative space/time hit). Whilst this may be reasonable for a system where the majority of the files have individual ACLs, I suspect this wouldn't be true of most systems. IMHO, stealing an extra inode (or disk block) only for files that need ACLs would be preferable (especially if ACL sharing is implemented). Admittedly, we still need to find space for the additional pointer in the inode. Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message