Subject: Re: ACL's revisited
To: Simon J. Gerraty <sjg@quick.com.au>
From: Jason R. Fink <jrf@cyberspace.org>
List: tech-kern
Date: 08/24/2001 09:59:57
> >why? do you prefer compilicated thing instead of simple?
> >while simple (unix permissions) is so powerfull that you can set what you
> >like
> 
> Goups more than satisfy the needs of many, but they do have limitations.
> Most of us are not running NetBSD on PDP's so we can afford a little extra
> functionality now and then.

Very true, in some environments (say like mine) I have had up to 600 
concurrant command line logins to perform data gathering/manipulation.
Using standard UNIX permissions to manage the flow of the information
has been a disaster, the solution, ACLs. The first solution was to
stupify the user interface, which caused an intense workload on the
development group. The ultimate solution came in the form of ACLs.

ACLs made it possible to design the system itself to fit into the
data flow pattern where before sharing data and moving it between
groups using standard file permissions caused uneccessary replication
and overhead.

	jrf


-- 

Jason R. Fink (jrf) jrf@netbsd.org