IETF Logo Mail Archive

Re: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interaction / mask, draft-ietf-nfsv4-acls-00 not ready

Andreas Gruenbacher <agruen@suse.de> Fri, 14 July 2006 19:05 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1Syx-0000mi-I2; Fri, 14 Jul 2006 15:05:47 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G1Syv-0000X8-MN for nfsv4@ietf.org; Fri, 14 Jul 2006 15:05:45 -0400
Received: from cantor2.suse.de ([195.135.220.15] helo=mx2.suse.de) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G1Syu-0004wm-DW for nfsv4@ietf.org; Fri, 14 Jul 2006 15:05:45 -0400
Received: from Relay2.suse.de (mail2.suse.de [195.135.221.8]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx2.suse.de (Postfix) with ESMTP id 5AB4B1EC21; Fri, 14 Jul 2006 21:05:43 +0200 (CEST)
From: Andreas Gruenbacher <agruen@suse.de>
Organization: Novell / SUSE Labs
To: nfsv4@ietf.org
Subject: Re: [nfsv4] Re: [NFS] NFSv4 ACL and POSIX interaction / mask, draft-ietf-nfsv4-acls-00 not ready
Date: Fri, 14 Jul 2006 21:02:44 +0200
User-Agent: KMail/1.9.1
References: <200607032310.15252.agruen@suse.de> <200607071355.30624.agruen@suse.de> <20060714175930.GD20999@fieldses.org>
In-Reply-To: <20060714175930.GD20999@fieldses.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200607142102.45216.agruen@suse.de>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7a6398bf8aaeabc7a7bb696b6b0a2aad
Cc: "J. Bruce Fields" <bfields@fieldses.org>, Sam Falkner <Sam.Falkner@sun.com>, Spencer Shepler <spencer.shepler@sun.com>, nfs@lists.sourceforge.net, Brian Pawlowski <beepy@netapp.com>
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/nfsv4>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
Errors-To: nfsv4-bounces@ietf.org

On Friday, 14. July 2006 19:59, J. Bruce Fields wrote:
> For a server that doesn't support the new attributes, the client still
> has available any of the current options: give up on non-destructive
> chmod, or fall back on representing mask bits with DENIES.

Maybe not what you meant, but shouldn't the client rely on the server to do 
"the right thing" when it sees a mode SETATTR? I think it would be a bad idea 
for the client to guess such details as which exact file security model a 
server implements. Instead, the server should be responsible for doing what 
the client is asking for (and erring towards more restrictive permissions if 
necessary).

Andreas

_______________________________________________
nfsv4 mailing list
nfsv4@ietf.org
https://www1.ietf.org/mailman/listinfo/nfsv4

v2.23.0 | Report a Bug | By Email