mounttable: Make ACLs actually so something useful.
1) The Tags are explained in service.vdl. Very similar to Unix. The
only non trivial one is for Glob. There you can glob any entry in
a directory if the directory has Read access set for the client.
If the directory has Resolve access but not Read access the client
can still see entries if it has any access to them.
2) If the acl config file grants Admin access to the root to any user,
that user becomes a superuser for the whole mounttable. Subsequent
changes to the root's ACL cannot change that.
3) The acl config file can also include acl templates. This is to allow
us to say things like "any google user can create a name matching his
user id in directory google/users". The patterns are extremely
constrained and can only come from the config file (i.e. not from
SetACL). I may make that more flexible in the future. A pattern
looks like:
"google/users/%%": {
"Admin": { "In": ["google/%%/..."] }
}
This says that a user has Admin access to any name "google/users/xxx"
if he has a blessing that matches "google/xxx/...". The template
variable %% can only appear at the end of the name but can appear
anywhere in the blessing pattern. I may also relax that in the
future but this already allows us to do some fairly useful
stuff if we offer a mounttable service to the world.
Change-Id: I363d723b8eb25dc2752079be68609e1d1314dfb9
6 files changed
