The second mechanism, Automatic Inheritance, extends the first: ACEs which are inherited from the parent are marked as such; when the parent permissions are modified, the inherited permissions change as well.
Richacl offers a superset of features from POSIX and Linux ACLs; it makes more sense to stop duplicating information, and at least for kernel internals, entirely switch to the most expressive system.
We weren't waiting for a cell entry or a riot. For example, how did you choose which parts of the inmate's stories to reveal and not reveal? I'd argue that we'd be far better off switching to native Richacl solely.
We just need to get used to the idea of negative permissions. Can you talk about that process? Personally, I tend to think of those from the opposite positive point of view. And if you plop it in a system where you have root, the perms don't matter anyways.
Here's the simplest general use-case for Richacls: every daemon that writes to a log file. In my experience, it's VERY rare today.
File permissions may. I mean, there's risk of data corruption inherent in that, if the network goes awry. Jacobson: We shot with the same crew on all of our visits.