Re: [nfsv4] nfsv4.1 acl: Remove operation and ACE4_ADD_SUBDIRECTORY
On Thu, Oct 15, 2009 at 01:49:55PM +0530, Aneesh Kumar K.V wrote:
> Hi,
>
> I am looking for a clarification with respect to the section below in the nfsv4.1 RFC
>
> 6.2.1.3.2. ACE4_DELETE vs. ACE4_DELETE_CHILD
>
> The section states
> "If the ACLs in question neither explicitly ALLOW nor DENY either of the above,
> and if MODE4_SVTX is not set on the parent, then the server SHOULD allow the
> removal if and only if ACE4_ADD_FILE is permitted. In the case where MODE4_SVTX
> is set, the server may also require the remover to own either the parent or the
> target, or may require the target to be writable."
>
> I am wondering why we consider only ACE_ADD_FILE. Why not ACE4_ADD_SUBDIRECTORY also?

I agree, it would probably make more sense to say "if and only if
ACE_ADD_FILE (or, for removal of directories, ACE_ADD_SUBDIRECTORY) is
permitted." (And change "ACE4_ADD_FILE" to "ACE4_ADD_FILE and
ACE4_ADD_SUBDIRECTORY" in the following paragraph.)

The use of "SHOULD" as opposed to "MUST" here is intentional, and I
think server implementers will need to use some judgement when fitting
these recommendations to their OS's security model.

--b.
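
The removal check discussed in this thread, written out as an added example; it is not code from the RFC, from either poster, or from any NFS server. The mask, ACE type and MODE4_SVTX values are the RFC 5661 constants, and the rule that an explicit ALLOW of either delete bit suffices comes from the same RFC section. `struct ace`, `check_bit` and `may_remove` are hypothetical names; the ACLs are assumed to be pre-filtered to the requester, and refusing on an explicit DENY with no ALLOW, and requiring ownership under the sticky bit, are assumed policy choices.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constants as defined in RFC 5661. */
#define ACE4_ACCESS_ALLOWED_ACE_TYPE 0x00000000
#define ACE4_ACCESS_DENIED_ACE_TYPE  0x00000001
#define ACE4_ADD_FILE                0x00000002
#define ACE4_ADD_SUBDIRECTORY        0x00000004
#define ACE4_DELETE_CHILD            0x00000040
#define ACE4_DELETE                  0x00010000
#define MODE4_SVTX                   0x200

/* Simplified ACE (assumption): only entries that match the requester. */
struct ace { uint32_t type; uint32_t mask; };
enum verdict { UNSPECIFIED, ALLOWED, DENIED };

/* First ALLOW/DENY ACE naming the bit decides; none means "neither ALLOW nor DENY". */
static enum verdict check_bit(const struct ace *acl, size_t n, uint32_t bit)
{
    for (size_t i = 0; i < n; i++) {
        if (acl[i].type > ACE4_ACCESS_DENIED_ACE_TYPE)
            continue; /* AUDIT/ALARM ACEs neither grant nor refuse access */
        if (acl[i].mask & bit)
            return acl[i].type == ACE4_ACCESS_ALLOWED_ACE_TYPE ? ALLOWED : DENIED;
    }
    return UNSPECIFIED;
}

/* Hypothetical helper: may the requester remove `target` from `parent`? */
bool may_remove(const struct ace *parent, size_t np, const struct ace *target, size_t nt,
                uint32_t parent_mode, bool target_is_dir, bool owns_parent_or_target)
{
    enum verdict dc  = check_bit(parent, np, ACE4_DELETE_CHILD);
    enum verdict del = check_bit(target, nt, ACE4_DELETE);
    if (dc == ALLOWED || del == ALLOWED)
        return true;   /* either explicit ALLOW is sufficient */
    if (dc == DENIED || del == DENIED)
        return false;  /* assumption: an explicit DENY with no ALLOW refuses */
    /* Neither bit is mentioned: fall back to the add permission on the parent,
       using ACE4_ADD_SUBDIRECTORY for directories as proposed in the reply. */
    uint32_t add = target_is_dir ? ACE4_ADD_SUBDIRECTORY : ACE4_ADD_FILE;
    if (check_bit(parent, np, add) != ALLOWED)
        return false;
    /* Sticky parent: one option the RFC permits is to also require ownership. */
    if (parent_mode & MODE4_SVTX)
        return owns_parent_or_target;
    return true;
}
```

With the RFC text as written, the directory case would be decided by ACE4_ADD_FILE alone; the `target_is_dir` branch is the only place the proposed wording changes the outcome.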