From: Stephen Tweedie (sct@dcs.ed.ac.uk)
Date: 04/14/93


From: sct@dcs.ed.ac.uk (Stephen Tweedie)
Subject: Re: Access control lists and Linux
Date: 14 Apr 1993 22:15:03 GMT

In article <1rj7ug$89r@walt.ee.pdx.edu>, gary@acacia (Gary Moyer) writes:

> steve@rama.demon.co.uk (Steve Entwistle) writes:
> : One possibility would be to develop a generalised security
> : package, such as RACF, used on IBM Mainframe systems. This system uses a
> : central database in which all the security information for various
> : resources is stored, e.g. Files, Users, Terminals etc.

> : Rather than changing the filesystem code, you could insert a
> : call to the resource checking routine in all the system calls that
> : access the resource you want to protect (in this case, all the
> : system calls concerned with file accesses). If there is no entry
> : in the database for a particular file, I guess you would then just
> : use the normal file permission bits.
> :
> : The advantage of doing it this way is that not only is it
> : filesystem independent, but it is also readily extended to
> : protecting other resources.

Hmm - the biggest problem I can see here is that filesystems can be
pretty dynamic things. For instance, how would a centralised security
server cope with maintaining consistency across remote (NFS)
filesystems, and how would it cope with dynamically mounted filesystems
or filesystems with removable media?

It may be a good idea to have a security service daemon, for example,
but this would have to be done in such a way that the security
database could be distributed over the various filesystems so that the
security information for any filesystem is kept on that filesystem.

> Thoughts?

> I've been digging into the kernel as of late and noticed that the author of
> the ext2 filesystem already has some ACL structure embedded in the inode.

Indeed - the ext2fs has inodes reserved to hold an ACL database, and
has reserved space within each inode for file and directory indexes
into the ACL database. However, there is as yet not even any proposal
as to the precise form these will take - they are currently just
placeholders, there to ensure that an ACL extension in the future will
be compatible with existing ext2fs filesystems.

Cheers,
 Stephen Tweedie.
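
The check discussed in this thread, as an added example that is not part of the original post and is not ext2fs or kernel code: an access routine consults an ACL table stored with the file's own filesystem and falls back to the normal permission bits when there is no entry. All structure and function names, and the sample data, are hypothetical. Because inode numbers are only unique within one filesystem, keeping the table per filesystem means a grant for inode 12 on one volume never applies to inode 12 on a removable volume mounted later.

```c
/* Added illustration: hypothetical names, not ext2fs or kernel code. */
#include <stddef.h>
#include <sys/types.h>

enum { ACC_X = 1, ACC_W = 2, ACC_R = 4 };

struct acl_entry { ino_t ino; uid_t uid; int perms; };

/* Each filesystem carries its own ACL table, so it travels with the media. */
struct fs { const char *name; const struct acl_entry *acl; size_t nacl; };

struct file { const struct fs *fs; ino_t ino; uid_t owner; gid_t group; mode_t mode; };

/* Classic owner/group/other check on the permission bits. */
static int mode_allows(const struct file *f, uid_t uid, gid_t gid, int want)
{
    int bits = f->mode & 7;                               /* "other" by default */
    if (uid == f->owner)      bits = (f->mode >> 6) & 7;
    else if (gid == f->group) bits = (f->mode >> 3) & 7;
    return (bits & want) == want;
}

/* Resource check: ACL on the file's own filesystem first, mode bits if no entry. */
int check_access(const struct file *f, uid_t uid, gid_t gid, int want)
{
    for (size_t i = 0; i < f->fs->nacl; i++) {
        const struct acl_entry *e = &f->fs->acl[i];
        if (e->ino == f->ino && e->uid == uid)
            return (e->perms & want) == want;             /* ACL entry decides */
    }
    return mode_allows(f, uid, gid, want);                /* no entry: fall back */
}

/* Constructed sample: inode 12 exists on both filesystems, ACL only on "disk". */
static const struct acl_entry disk_acl[] = { { 12, 1001, ACC_R | ACC_W } };
static const struct fs disk   = { "disk", disk_acl, 1 };
static const struct fs floppy = { "floppy", NULL, 0 };
static const struct file report = { &disk,   12, 0, 0, 0640 };
static const struct file other  = { &floppy, 12, 0, 0, 0640 };

int main(void)
{
    /* uid 1001 may write inode 12 on the disk, but not inode 12 on the floppy. */
    return !(check_access(&report, 1001, 100, ACC_W) &&
             !check_access(&other, 1001, 100, ACC_W));
}
```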