Aligning extended attributes API with Mac OSX?

Wilkinson, Alex alex.wilkinson at dsto.defence.gov.au
Wed May 4 17:05:06 PDT 2005


    0n Wed, May 04, 2005 at 11:50:01PM +0100, Robert Watson wrote: 

    >
    >On Tue, 3 May 2005, Craig Rodrigues wrote:
    >
    >>An extended attributes API was just added to Mac OSX 10.4. This API 
    >>looks very similar to FreeBSD's. Right now there is no POSIX standard 
    >>for extended attributes, but EA are useful for many different types of 
    >>things.
    >>
    >>I don't know if EA are widely used in applications on FreeBSD, but what 
    >>do people think about aligning our API with Mac OSX?
    >>
    >>Here are the man pages for some of the API's:
    >
    >I've actually started looking through the kernel parts of the EA APIs, and 
    >will shortly be working my way to system calls, library calls, etc.  It is 
    >my intent to adopt more widely used APIs as appropriate -- when I added EA 
    >APIs to FreeBSD, the only comparable APIs I knew of were the HPFS extended 
    >attribute model, and the SGI XFS model.  I modeled our EA semantics on the 
    >SGI model, following meetings and e-mail exchanges with members of SGI's 
    >trusted OS group.  I had hoped that we'd pursuade others to pick up our 
    >APIs, such as the Linux ACL and capability developers, but apparently I 
    >was unsuccessful in doing that, although we did reach concensus on 
    >elements of the POSIX.1e draft ACL APIs in a number of areas.
    >
    >So this is something I am willing and happy to look at; we'll need to go 
    >through a proper deprecation cycle, and it will happen time permitting. 
    >If you're interested in looking into the details and summarizing the 
    >specific changes, that might be quite helpful.  In particular, one of the 
    >more important aspects of our design, derived from SGI's design, is the 
    >association of protection properties with "name spaces".  I.e., a system 
    >name space that requires privilege to manipulate, so can hold system 
    >maintained properties, such as ACLs and MAC labels, vs a user name space, 
    >which is protected using the normal permissions/ACLs on a file, permitting 
    >users to modify the contents.  Determining to what extent protections are 
    >handled/managed in the Darwin model will be important.
    >
    >I'm scheduled to visit Apple shortly after BSDCan to talk about these and 
    >related issues -- if you come up with specific questions or concerns 
    >before then, I can raise them during my visit.


FYI there is a solid review of Tiger at arstechnica (109 pages). Here 
is the section on macos-x's EA: [http://arstechnica.com/reviews/os/macosx-10.4.ars/7]

 - aW


More information about the freebsd-arch mailing list