The NFSv4 working group (under the IETF umbrella) were tasked with creating a network filesystem which, among other goals, would provide interoperability between POSIX and WIN32 systems. As part of this effort they developed yet another standard for ACLs which aimed to support the access model of WIN32 while still being usable on POSIX.
Actually, it's really just a copy of Windows ACLs as far as I can tell--different implementors have made different choices as to how to reconcile with POSIX.
The Richacl implementors (mainly Andreas Gruenbacher) have added some extra "mask bits" as a way to ensure that a chmod can still restrict permissions without permanently losing information from any ACL set on the file. Interestingly enough, the hardest part then becomes mapping the resulting masked ACL to a Windows/NFSv4-like ACL....
Readers in search of a challenge can go look at their code and figure out if there's a better mapping. I've drawn a blank so far. It's likely what we'll end up doing.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds