[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ACLs vs Capabilities

>>>>> "Zsombor" == Zsombor Gergely <gergely@econ.core.hu> writes:

    Zsombor> On Fri, Mar 17, 2000 at 05:21:54PM -0800, R Joseph Wright
    Zsombor> wrote:
    >> Can someone explain a bit how ACLs work?

    Zsombor> You may want to look at
    Zsombor> http://www.eros-os.org/faq/basics.html#whatis-eros This
    Zsombor> sketches how they do and do not work...

Interesting document. It now seems that ACLs are obsolete, if favour
of capabilities...

Sounds very "hurd"-like to me (ie it moves functionality normally
reserved for root to individual users), and might be worth
investigating...

Put simply ACLs associate
(userid,file) --> access

put capabilities associate
(processid,file) -> access

If my understanding is correct, this would fix some serious problems
with conventional Unix systems:

- setuid programs.
- requirement for new userid with every daemon.

However, on my first reading of the document, I still have questions
which are unanswered. I will read it again later, to see if I understand
better then. eg how do processes initially obtain capabilities?
-- 
Brian May <bam@debian.org>
Reply to: