Design Considerations Smaller block size reduces amount of wasted space Larger block size increases speed of sequential reads (may not help random access) ● Should the file system be faster or more reliable? . But faster at what:Large files?Small files? Lots of reading?Frequent writers, occasional readers?
Design Considerations • Smaller block size reduces amount of wasted space • Larger block size increases speed of sequential reads (may not help random access) • Should the file system be faster or more reliable? • But faster at what: Large files? Small files? Lots of reading? Frequent writers, occasional readers?
File system Security File systems in multi-user environments need to secure private data Notion of username is heavily built into FS Different users have different access writes to files
File system Security • File systems in multi-user environments need to secure private data – Notion of username is heavily built into FS – Different users have different access writes to files
UNIX Permission Bits World is divided into three scopes: User-The person who owns (usually created) the file Group -A list of particular users who have "“group ownership”of the file Other -Everyone else ·“Read,”“write”and“execute”permissions applicable at each level
UNIX Permission Bits • World is divided into three scopes: – User – The person who owns (usually created) the file – Group – A list of particular users who have “group ownership” of the file – Other – Everyone else • “Read,” “write” and “execute” permissions applicable at each level
UNIX Permission Bits:Limits Only one group can be associated with a file No higher-order groups(groups of groups) Makes it difficult to express more complicated ownership sets
UNIX Permission Bits: Limits • Only one group can be associated with a file • No higher-order groups (groups of groups) • Makes it difficult to express more complicated ownership sets
Access Control Lists More general permissions mechanism Implemented in Windows Richer notion of privileges than r/w/x -e.g.,SetPrivilege,Delete,Copy... Allow for inheritance as well as deny lists Can be complicated to reason about and lead to security gaps
Access Control Lists • More general permissions mechanism • Implemented in Windows • Richer notion of privileges than r/w/x – e.g., SetPrivilege, Delete, Copy… • Allow for inheritance as well as deny lists – Can be complicated to reason about and lead to security gaps