ACL database
David Collier-Brown
davecb at canada.sun.com
Tue Mar 27 12:36:54 GMT 2001
Jeremy Allison wrote:
> > What is missed out on by using POSIX ACLs?
>
> POSIX ACLs only have rwx bits, not all the complex
> bits NT ACLs have. But very few people understand
> or use the complex bits in NT ACLs, so you won't
> be losing much.
In fact, most people use only two ACLs
of any sort:
1) grant user X some permission (r, rw)
2) deny user Y some permission (r)
and the second is rare.
In a customer site using acls heavily,
we saw 99.999% grant, and ~.001 deny, and
one acl entry that wasn't one of these two.
My leaky brain says that was also true of Multics,
except when setting up initial (default) ACLS
on project directories: they you saw group
acls being set to r or rw by sysadmins.
--dave
--
David Collier-Brown, | Always do right. This will gratify
Performance & Engineering Team | some people and astonish the rest.
Americas Customer Engineering | -- Mark Twain
(905) 415-2849 | davecb at canada.sun.com
More information about the samba-technical
mailing list