ACL sorting, qualifier uniqueness

Casey Schaufler casey at sgi.com
Mon Mar 12 17:04:08 GMT 2001


Robert Watson wrote:
> 
> In my first implementation of ACLs on FreeBSD, I required that userland
> processes submit only ACLs with strictly sorted entries.  ...
> 
> 1) What sorting requirements, if any, are enforced in other
>    implementations?  Also, what syntactic requirements, if any, are
>    enforced with regards to duplicated qualifiers for a tag?

In Irix the ACL entries must be sorted. The system calls which
import ACLs to the kernel always validate the ACLs, and reject
them if imperfect. If there are two ACL_MASK entries, for example,
the ACL is invalid.

> 2) Many calls specifically disclaim ordering as a property that will
>    be preserved over the call.  To what extent is this the case on
>    other platforms?

We did not implement the ACL composition functions on Irix.
They seemed unnecessarily grandiose for the purpose. How often
do you need to compose an ACL, and how often is acl_from_text()
insufficient to the task, given that it does sort the entries?

> If desirable, I can reinstate the ordering verification in kernel along
> with the associated syntactic check for qualifiers, and similarly
> introduce an acl_sort() invocation in acl_set_{fd,file}().  Just want to
> get a feel for what other platforms do.

acl_sort() in the library is a small price to pay for sanity
in the kernel.

-- 

Casey Schaufler				Manager, Trust Technology, SGI
casey at sgi.com				voice: 650.933.1634
casey_p at pager.sgi.com			Pager: 888.220.0607
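
Added example, not part of the original message and not Irix or FreeBSD code: a sketch of the split discussed above, where the library sorts and the kernel does a single strict-ordering pass that also rejects duplicate entries. The struct, the `sketch_*` names and the tag order are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical tags; their numeric order is the assumed canonical sort order. */
enum tag { T_USER_OBJ, T_USER, T_GROUP_OBJ, T_GROUP, T_MASK, T_OTHER };

struct entry {
    enum tag tag;
    unsigned id;    /* qualifier (uid/gid); meaningful only for T_USER, T_GROUP */
    unsigned perm;
};

/* Qualifier as used for comparison: ignored for tags that carry none. */
static unsigned qual(const struct entry *e)
{
    return (e->tag == T_USER || e->tag == T_GROUP) ? e->id : 0;
}

static int entry_cmp(const void *a, const void *b)
{
    const struct entry *x = a, *y = b;
    if (x->tag != y->tag)
        return x->tag < y->tag ? -1 : 1;
    return (qual(x) > qual(y)) - (qual(x) < qual(y));
}

/* Library side: put entries into canonical order before submission. */
void sketch_acl_sort(struct entry *e, size_t n)
{
    qsort(e, n, sizeof *e, entry_cmp);
}

/* Kernel side: one linear pass, 0 if valid, -1 if not. Strict ordering means
 * a second T_MASK, or the same uid twice under T_USER, fails the same test. */
int sketch_acl_valid(const struct entry *e, size_t n)
{
    for (size_t i = 1; i < n; i++)
        if (entry_cmp(&e[i - 1], &e[i]) >= 0)
            return -1;
    return 0;
}

int main(void)
{   /* constructed sample: unsorted, no duplicates */
    struct entry acl[] = { {T_OTHER, 0, 4}, {T_USER, 1001, 6},
                           {T_USER_OBJ, 0, 7}, {T_GROUP_OBJ, 0, 5}, {T_MASK, 0, 7} };
    int before = sketch_acl_valid(acl, 5);
    sketch_acl_sort(acl, 5);
    return !(before == -1 && sketch_acl_valid(acl, 5) == 0);
}
```

Sorting cannot repair a duplicate: an ACL with two mask entries is still rejected after `sketch_acl_sort()`, because the two entries compare equal and end up adjacent.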