Subject: Re: ACL
To: None <wojtek@wojtek.from.pl>
From: Bill Studenmund <wrstuden@zembu.com>
List: tech-kern
Date: 04/03/2001 12:45:08
On Tue, 3 Apr 2001 wojtek@wojtek.from.pl wrote:
> > > i'm talking about software, not hardware
> >
> > So I shouldn't have done the layered file system work I did? That's
> > software only. We shouldn't have new file systems, like NTFS? We shouldn't
>
> you mean NTFS is good?
If you have files on an NTFS partition you need to access, yes it most
certainly is.
> > > how difficult is to use /etc/groups more intensively?
> > > it's really ease.
> >
> > Did you read Phil's notes? How do you put yourself in 17 groups at once?
>
> never have need for that
But that is the point! :-) You're saying that you find the current group
model is fine. Yet you've never run into its limitations. Other people
have run into its limitations. Why tell them that the current security
model should be enough, when they've said it isn't? :-)
> > Ahh. If you thought that ACLs came from Windows, then yes, I can see your
> yes.
> > confusion. ACLs, as I think Bill Sommerfeld mentioned, are older than
> > UNIX. I'm not really sure what the best ACL reference is. But try to find
> > out some on permissions for AFS, or the security part of DCE. I hope other
> > folks will contribute references too. These are all very UNIX-centric ACL
> > environments.
>
> any URL please?
I've not found many. I wanted to find ones for DCE, but didn't. The only
ones I found were the Linux ACL folks and the TrustedBSD folks. One thing
I'd point out about the Linux folks is that they are trying to impliment a
POSIX (draft I think) standard. So it's not a Linux-invented thing. :-)
http://acl.bestbits.at/
http://www.trustedbsd.org/
Take care,
Bill