KACL from KIO isn't really POSIX-compliant
Adriaan de Groot
groot at kde.org
Fri Dec 11 16:56:38 GMT 2020
On 2020 dekula d. 11id 16:37:19 CET Aleix Pol wrote:
> > I tried compiling kio/src/core/kacl.cpp on FreeBSD, which does support
> > POSIX ACLs, and failed. This is because KACL's code uses non-standard
> > Linux-specific acl_* functions. I tried implementing them using standard
> > ones and it turned out to be impossible, mainly because types like acl_t
> > are opaque to the user of the library.
[[ I'm aware of Gleb's work, I'd really like a non-FreeBSD perspective on this
]]
Here's *part* of the problem:
bool KACL::operator==(const KACL &rhs) const
{
#if HAVE_POSIX_ACL
return (acl_cmp(d->m_acl, rhs.d->m_acl) == 0);
#else
Q_UNUSED(rhs);
return true;
#endif
}
It *looks* like portable code, it's checking if POSIX is available, does a
comparison, that's fine. Except that acl_cmp() is **not** a POSIX function.
https://man7.org/linux/man-pages/man3/acl_cmp.3.html
The POSIX ACL spec sucks. There is no way to compare sets of ACLs. So the non-
portable Linux-specific function makes a lot of sense: that **should** have
been in POSIX.
Gleb's question is about where this should be fixed. FreeBSD's libc is the
"obvious" solution, because this is generally useful ACL API, but fixing up
libc, especially with something grotty like a Linux-specific function
(opinions expressed may not be my own) is a slooooowww process. But doing the
same thing in KIO itself means a huge code bloat in KIO.
[ade]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20201211/81e510e5/attachment.sig>
More information about the Kde-frameworks-devel
mailing list