StorNext Security

There are two predominant security models in modern file systems: Unix permission bits and access control lists (ACLs).

StorNext supports both models; which one is enforced depends on the client platform and on StorNext file system configuration settings. Most notably, the securityModel configuration variable may be set to one of the following values: acl, unixPermBits, or legacy (the legacy model is further shaped by the windowsSecurity and enforceACLs settings).

The behavior of the various models is summarized in Table 1.

Table 1: StorNext Permission Method Summary

| Configuration | Windows native clients and Windows SMB clients to a Windows server | Xsan | Linux/Unix | SMB clients to a Samba server | NFS |
|---|---|---|---|---|---|
| securityModel = acl | ACLs | Combination of ACLs and Unix permission bits | Combination of ACLs and Unix permission bits | ACLs¹, falling back to Unix permission bits if no ACL is present | Combination of ACLs and Unix permission bits |
| securityModel = unixPermBits | Unix permission bits | Unix permission bits | Unix permission bits | Unix permission bits | Unix permission bits |
| securityModel = legacy, windowsSecurity = false | No access check | Unix permission bits | Unix permission bits | Unix permission bits | Unix permission bits |
| securityModel = legacy, windowsSecurity = true, enforceACLs = false | ACLs | Unix permission bits | Unix permission bits | ACLs¹, falling back to Unix permission bits if no ACL is present | Unix permission bits |
| securityModel = legacy, windowsSecurity = true, enforceACLs = true | ACLs | Combination of ACLs and Unix permission bits | Unix permission bits | ACLs¹, falling back to Unix permission bits if no ACL is present | Unix permission bits |

¹ ACLs are only supported for Samba when using the Appliance Controller stack and ACLs are enabled for the share.

The selection of security model is made on a per file system basis. After a file system has been created, in many cases it is possible to change the security model without reinitializing the file system. However, there are a few exceptions:

Which model is appropriate depends on the security requirements. Unix permission bits are simpler but not as flexible as ACLs. Both the acl and unixPermBits security models enforce a single type of file permissions (ACLs or Unix permission bits, respectively) uniformly across all platforms in a heterogeneous environment, providing a consistent experience. However, in some cases, due to identity mapping constraints, the legacy model must be used. In such environments, Unix permission bits and ACLs must be maintained separately, and it should be noted from Table 1 that with securityModel = legacy and windowsSecurity = false no access check at all is performed for Windows clients.