Access Control Lists (ACL) Lab

Overview    Requirement (mandatory / bonus)    Due/Submission    Helpful Documents    Resources

Overview:

This project is intended to help students understand the concept of the ACL. Minix has already implemented the abbreviated Access Control Lists, namely, the ACL is based on owner, group and other users. This suffers from a loss of granularity. In this project, you need to implement the full ACL for Minix. The full ACL contains additional permissions on a per user basis, which override the standard MINIX permissions.

Requirement:

Basic (10 point) :  Add a fixed access control list to a file. 

    You can choose any fixed access control list. Namely, the access control list is hardcoded in the system.

Bonus (5 point) :   Users can choose their own access control list that they want to add to a file. 

    In addition to making changes in the OS kernel, you also need to implement two utility programs setacl and getacl that is used to set/get the acls of a file. However, you should not spend too much time on the usability of these two utility programs. 

Demonstration

You also need to develop some simple testing programs to demonstrate these functionalities. A demonstration is required for this project. If you have only designed the bonus parts (without an implementation), you should present your design to the TA during the demonstration.

Submission:

Helpful Documents

Access Control List FAQ [PDF] or [DOC] or [PS]
Trusted Minix: A worked Example [html]
Accss Control List Implementation Project Issues (last year) [html] 
Good document on ACL [PDF]
Minix Code Hierarchy [PDF]
ACL project files [PDF]

Resources on ACL/Minix/Linux

Updated: 02/19/2005