I am not completely sure what David meant. I think I agree
with what he meant, but would argue with your assumption.
A process can be both drosehn@rpi.edu and gad@umich.edu at
the same moment. By being drosehn@rpi.edu, I'm also in any
number of AFS groups at RPI (a number that I have no knowledge
of or control over).
What AFS does not want is for a single process to be drosehn@rpi.edu
and linus@rpi.edu at the exact same time. That is to avoid the
question of what open() should do on a file which is permitted:
drosehn rlidwka
linus none
The above says linus@rpi.edu should have absolutely no access to
the file, no matter what AFS or unix groups he is in. At the same
time, drosehn@rpi.edu has complete access to the file. If the
process claims to be both of those users, then what is open()
to do? In the pure-unix world, is a process both userid linus
and userid drosehn? No. (it might have different values for
userid and effectiveUserid, but it only has one value for userid
and only one value for effectiveUserid).
You could argue that open() should give access, or that it should
not give access, but my point is that the limitation against being
multiple AFS users at a single time is to avoid that question.
It was not the side-effect of some other decision.
*1 = Actually, in afs the permissions are on a directory level,
but I'd agree that they *should* be on the file level, and
thus I said it that way...
-- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/