First page Back Continue Last page Overview Graphics
Modifying the Linux kernel for Windows/NFSv4 ACL support
Ideally the filesystem and process token would store 128-bit principals.
- This allows for storage of 'foreign' principals.
- Attempting to map foreign principals to 32 bit POSIX principals loses information and may not always be possible.
- The standard POSIX calls would map onto 'native' principals with a 96-bit machine id of zero (representing this machines identifying authority).
- New system calls would allow setgroups() to store full 128 bit principals in the process token, as well as get and set the full principal information in the file meta-data.