On Mon, 12 Mar 2001, Greywolf wrote:

: # > 	If so, which fs layer(s) are we going to need to modify?  Since
: # > 	we're doing vfs->(every_other_fs), some vfs hooks will need to
: # > 	be put in, possibly returning EINVAL if ACL is not compiled
: # > 	into the kernel, for example.  We'll probably need hooks into
: # > 	ffs/ufs and nfs, as well; likely others.
: #
: # No, we won't. We already have VOP_ACCESS(), which determines if you have
: # read, write, or exec privileges. To add ACL support, all we need to do is
: # add the extra flags whatever ACL method we use adds.
:
: Okay, so how do we then handle modification of the ACL?  VOP_ACCESS()
: only handles the access on the file; it does not do manipulation of
: the access controls.

Additionally, something needs to *read* the ACLs for the purposes of
manipulation and listing, and stashing them in the vnode may not be
appropriate (it might be variably sized, and it's a space waste)

-- 
-- Todd Vierling <tv@wasabisystems.com>  *  Wasabi NetBSD:  Run with it.
-- NetBSD 1.5 now available on CD-ROM  --  http://www.wasabisystems.com/