[nfsv4] Windows/NFSv4 ACL interoperability

David Collier-Brown davec-b at rogers.com
Tue Mar 28 22:25:35 GMT 2006

   **ALL** acls are badly presented: those were posix ones
I used for examples of evilitude (;-))

   To be fair, Windows ones are not as badly described
as VMS ones, and they weren't as bad as GCOS ones, and
so on, back to the dawn of time.

--dave (denizen of the dawn of time @ HI-Multics.ARPA) c-b

Michael B Allen wrote:
> On Tue, 28 Mar 2006 09:25:34 -0500
> David Collier-Brown <davec-b at rogers.com> wrote:
>>   I'd like to suggest that acls are presented so badly that
>>they make people's brains explode (;-))
> Ahh, are Windows ACLs really that bad? I agree they're difficult to
> *fully* understand [1] but most people know enough to be able to safely
> secure shares in a fairly fine grained way. I'm no expert but I know
> enough to suspect that if your groups are well organized, actually
> manipulating the ACLs is relatively straight forward (albeit somewhat
> tedious).  If you inherit years of half obsolete poorly structured groups
> or you're a fly-by-the-seat-of-your-pants kinda admin then you're going
> to have problems regardless of what type of ACLs you're using.
> Mike
> [1] A good description is vital to understanding Windows ACLs. Keith
>   Brown's _.NET Developer's Guide to Windows Security_ did it for me. Note
>   there's not that much in there for developers - it's a very good
>   text for admins as well. The whole book is available online here:
>   http://pluralsight.com/wiki/default.aspx/Keith.GuideBook.HomePage

David Collier-Brown,         | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at spamcop.net           |                      -- Mark Twain
(416) 223-5943

More information about the samba-technical mailing list