move audit/priviliage check into VFS
Howard Su
howard0su at gmail.com
Sun Apr 22 22:25:39 UTC 2007
When I working on tmpfs privilege, I need copy a lot of privilege
check code from UFS. I suppose there is same problem in ZFS. So moving
this sort of privilege code into VFS will reduce a lot of duplicate
code and also make fs implementation simple and consistent in security
thing.
Besides that, some quota/extattr feature can be also implement in VFS layer.
I suppose the fact today that a lot of stuffs are UFS related is
because we have VFS after UFS. So VFS only abstracts the common stuffs
for a misc file system like iso/udf/msdosfs. We didn't suppose we will
have more full-featured file system besides UFS. (NFS has its own &
different implementation about security.)
Does VFS have other design goal that I am not aware to preventing us
moving more shared code into it?
--
-Howard
More information about the freebsd-arch
mailing list