Re: Permission systems with ACLs (was RE: About the login shell)

To: debian-hurd@lists.debian.org
Subject: Re: Permission systems with ACLs (was RE: About the login shell)
From: PUYDT Julien <julien.puydt@club-internet.fr>
Date: 22 Aug 2002 11:35:36 +0200
Message-id: <[🔎] 1030008942.2829.18.camel@turing>
In-reply-to: <[🔎] 20020822063750.GA31254@home.mamane.lu>
References: <[🔎] 20020819234836.GJ5453@212.23.136.22> <[🔎] 20020820011549.GA3858@aragorn> <[🔎] 20020820011522.GA7193@212.23.136.22> <[🔎] 20020820152812.GA822@aragorn> <[🔎] 20020820161009.GB6686@home.mamane.lu> <[🔎] 3D626E17.4@brandonu.ca> <[🔎] 20020821063323.GA14527@home.mamane.lu> <[🔎] 3D63BFD0.6050508@brandonu.ca> <[🔎] 20020821192951.GA23944@home.mamane.lu> <[🔎] 3D63F280.2000803@brandonu.ca> <[🔎] 20020822063750.GA31254@home.mamane.lu>

Le jeu 22/08/2002 à 08:37, Lionel Elie Mamane a écrit :

> Why the hell have you created "Untrusted Students" in the first place?
> If you have created that group, you already think in a "Deny ACE"
> way. If, at group creation time, you keep in mind that a group is used
> only to give additional rights, not to remove them, you would have
> created "Students" and "Trusted Students". My point is that if your
> system does not support Deny ACEs, (with a good admin), you wouldn't
> end up in this situation: He would have never created the group
> "Untrusted Students", because it is useless.

I fail to see the real use of ACL vs traditional permissions in what you
describe... You're talking about root-defined groups... and they already
exist! See for example that recent article for a little discussion on
that subject:
http://www.onlamp.com/pub/a/bsd/2002/08/16/Big_Scary_Daemons.html

If users where able to create their own groups, eg friends(toto) would
be the group friends as defined by user toto, that would be new.

Just my two (euro)cents,

Snark on #hurd, #hurdfr

Reply to:

References:
- Re: About the login shell
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
- Re: About the login shell
  - From: Robert Millan <zeratul2@wanadoo.es>
- Re: About the login shell
  - From: Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>
- Re: About the login shell
  - From: Robert Millan <zeratul2@wanadoo.es>
- Re: About the login shell
  - From: Lionel Elie Mamane <lionel@mamane.lu>
- Re: About the login shell
  - From: Tom Hart <hartte13@BrandonU.CA>
- Re: About the login shell
  - From: Lionel Elie Mamane <lionel@mamane.lu>
- Re: About the login shell
  - From: Tom Hart <hartte13@BrandonU.CA>
- Re: About the login shell
  - From: Lionel Elie Mamane <lionel@mamane.lu>
- Permission systems with ACLs (was RE: About the login shell)
  - From: Tom Hart <hartte13@BrandonU.CA>
- Re: Permission systems with ACLs (was RE: About the login shell)
  - From: Lionel Elie Mamane <lionel@mamane.lu>

Prev by Date: Re: Permission systems with ACLs (was RE: About the login shell)
Next by Date: Re: ACLs {Was: About the login shell}
Previous by thread: Re: Permission systems with ACLs (was RE: About the login shell)
Next by thread: Re: permissions. ACLs? groups?
Index(es):
- Date
- Thread