[cap-talk] More Heresey: ACLs not inherently bad
Jonathan S. Shapiro
shap at eros-os.com
Thu Sep 18 15:12:14 CDT 2008
On Thu, 2008-09-18 at 16:01 -0400, Sandro Magi wrote:
> Jonathan S. Shapiro wrote:
> > That is: in the absence of persistence we are going to end up with a
> > layer where there is something that amounts to a shared global file name
> > space (or equivalently, a shared global object space) and we will then
> > face challenges with both re-establishment of rights on restart and
> > enforcement of those rights.
> >
>
> Right, I was assuming persistence ala EROS, where the leaves of the tree
> repo tree are EROS File objects. Your requirements stipulated efficient
> ACL-like control in a cap system. This approach provide efficient local
> ACLs in EROS.
In spite of what I wrote above, I don't really think so. In particular,
you haven't accounted for how the ACL groups are going to get maintained
here.
More information about the cap-talk
mailing list