[cap-talk] More Heresey: ACLs not inherently bad
Jonathan S. Shapiro
shap at eros-os.com
Wed Sep 17 04:07:47 CDT 2008
On Tue, 2008-09-16 at 15:27 -0700, Jed Donnelley wrote:
> Unfortunately, it reads to me as if what Jonathan is requiring is a
> Unix compatible interface....
Yes
> It's interesting to me that this is about the same position we found
> ourselves in at LLNL circa 1988. We were able to argue from a
> somewhat stronger position because we had already emulated our
> previous operating system...
Yes and no. Two issues:
1. Jonathan is prepared to accept a hybrid system for the sake of
compatibility, and then go on to avoid building any of the system layer
security on the ACL mechanism.
2. I still haven't heard a credible answer to the sharing problem that
doesn't reconstruct ACLs.
shap
More information about the cap-talk
mailing list