| 摘要 |
Method and system for access based directory enumeration is provided. When a directory is enumerated for a first time, user credentials are verified against an access control list (ACL) entry that is referenced by an ACL inode (referred to as Xnode). The Xnode number is obtained from a file handle for a directory entry. The verification is recorded in a data structure that stores the Xnode identifier and user identifier. When the directory is enumerated again, the data structure is used to verify that the user has been validated before, instead of loading and checking against an ACL entry. |
