[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux
From: |
Andreas Grünbacher |
Subject: |
Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux |
Date: |
Tue, 15 Nov 2022 13:35:22 +0100 |
Am Di., 15. Nov. 2022 um 10:17 Uhr schrieb Ondrej Valousek
<ondrej.valousek.xm@renesas.com>:
> I mean from RFC8881:
> " The server that supports both mode and ACL must take care to synchronize
> the MODE4_*USR, MODE4_*GRP, and MODE4_*OTH bits with the ACEs that have
> respective who fields of "OWNER@", "GROUP@", and "EVERYONE@". This way, the
> client can see if semantically equivalent access permissions exist whether
> the client asks for the owner, owner_group, and mode attributes or for just
> the ACL."
>
> ... I take it these 3 ACEs should always represent mode bits.
The NFSv4 specification is /very/ bad at specifying the interaction
between the acl and mode attributes. For example, consider an ACL like
"A::EVERYONE@:rwaDx" for a directory. This would correspond to a mode
attribute of "------rwx" according to the above statement, but the ACL
really grants "rwx" access to everyone including the owner and the
owning group, which would equate to a mode attribute of "rwxrwxrwx".
(Remember that the lower three mode bits indicate the permissions of
"others", which excludes the owner and the owning group, so
"------rwx" is not the same as "rwxrwxrwx".)
Andreas
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/07
- [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/09
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/11
- [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/14
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/14
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/15
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/15
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux,
Andreas Grünbacher <=
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/15
- Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Andreas Grünbacher, 2022/11/15
- RE: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/16
Re: [PATCH] Basic support for checking NFSv4 ACLs in Linux, Paul Eggert, 2022/11/14
[PATCH] Basic support for checking NFSv4 ACLs in Linux, Ondrej Valousek, 2022/11/24