bug#13226: 24.3.50; set-file-acl on MS Windows shall check ACL string format

[Eli Zaretskii]

> From: Michael Albinus <michael.albinus@gmx.de>
> Date: Wed, 19 Dec 2012 15:59:05 +0100
> Cc: Romain Francoise <romain@orebokech.com>, 13226@debbugs.gnu.org
> 
> Stefan Monnier <monnier@IRO.UMontreal.CA> writes:
> 
> >> (file-acl "/plink:albinus@ford:~/.emacs")
> >
> >> "user::rwx
> >> group::rwx
> >> other::r-x
> >> "
> >
> > BTW, the above is 100% redundant with the file-modes info.  Is there
> > some way to get "the ACL data minus the part that's already in
> > file-modes".  E.g. in the above case it could return nil.
> 
> The "getfacl" command has the "--skip-base" option:
> 
> --8<---------------cut here---------------start------------->8---
> ~> getfacl --access --omit-header ~/.emacs 2>/dev/null
> user::rwx
> group::rwx
> other::r-x
> ~> getfacl --access --omit-header --skip-base ~/.emacs
> ~> 
> --8<---------------cut here---------------end--------------->8---
> 
> I could apply this. And it shall be possible in the native Ffile_acl
> function as well. Romain?

I don't think this is a good idea.  You cannot do this portably.  In
particular, on MS-Windows this is impossible, because the set of
access rights is much richer than on Posix, and there are various
"inheritance" parts in the ACL that cannot be expressed as mode bits.

Even on Posix, there's the "default" ACL which in practice affects the
access rights, and is invisible in the "access" ACL.

I think we are taking this feature out of proportions.  It was
supposed to allow copying extended attributes from file to file; for
that, we don't need to care whether the ACL is trivial or not.  But
now we seem to start down the road of trying to interpret the ACL,
which would need much more complex machinery.  Do we really need that?