Remove old note, add a new note. This has to do with use of extended

attributes on ACLs. Submitted by: rwatson (original version)
svn path=/head/; revision=15295
2002-12-11 01:22:23 +00:00 · 2002-12-11 01:22:23 +00:00 · 0b240c05a8 · 2020-12-08 03:00:23 +00:00
commit 0b240c05a8
parent 4c7444038d
1 changed files with 6 additions and 4 deletions
--- a/en_US.ISO8859-1/books/handbook/security/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.sgml
@ -3511,10 +3511,12 @@ user@unfirewalled.myserver.com's password: <userinput>*******</userinput></scree
      the file system.  This is supported natively in the next generation of
      the <acronym>UNIX</acronym> file system or <acronym>UFS2</acronym>.</para>

-    <note><para>The use of extended attributes on <acronym>UFS1</acronym> file
-      systems will lead to higher administration overhead and lower overall
-      file system performance.  <acronym>UFS2</acronym> does not have this
-      problem.</para></note>
+    <note><para>A higher level of administrative overhead is required to
+      configure extended attributes on <acronym>UFS1</acronym> than on
+      <acronym>UFS2</acronym>.  The performance of extended attributes
+      on <acronym>UFS2</acronym> is also substantially higher.  As a
+      result, <acronym>UFS2</acronym> is generally recommended in preference
+      to <acronym>UFS1</acronym> for use with access control lists.</para></note>

    <para>To enable <acronym>ACLs</acronym> on a file system, the <option>-a</option>
      option can be passed to &man.tunefs.8; in a manner similar to the Soft Updates