Re: Proposed changes to the policy
Victor Nazarov <vir@comtv.ru> writes:
> Peter Novodvorsky wrote:
>
>>Victor,
>>
>>Victor Nazarov <vir@comtv.ru> writes:
>>
>>This is also filesystem feature, not debian one. Modern filesystems
>>have POSIX acl support in Linux[1] that should fulfil your requests.
>>
>>-snip-
>>
> Acls is not what I want. I just want to permit normal users to create
> groups. I don't think this is a filesystem feature, Unix filesystem
> and kernel provides per user permitions managment since the creation,
> the only barier is a minimalistic login tools with /etc/passwd,
> /etc/group files. My scheme is totally backward compatible, why not to
> implement it?
Because it's a hack, we shouldn't provide backwards compatibility in
big changes like that. Try to find possible security flaws in your
suggestions.
BTW, If you are running fairly new version of debian kernel (even
2.4.x) it has ACL support turned on. Play with it as you like. It's
already here.
Peter.
--
Antispam protection: don't remove_these_lines_if you're not in my whitelist
(replying first time). If you do, you'll have to make additional operation
replying your own reply (and getting in my non-spammers whitelist). Sorry
for inconvenience.
Reply to: