[Samba] Samba and POSIX ACLs
hartnegg at uni-freiburg.de
Sat Aug 13 16:09:53 UTC 2016
Am 13.08.2016 um 12:48 schrieb Reindl Harald via samba:
> that permissions/acl stuff is *a real* problem for many setups when a
> idiotic client is changing the permissions of a shared document, the
> person goes to vacation and other team members no longer have write access
Windows ACLs make it possible to differentiate: you can grant modify
permission, but not the permission to change the permissions.
However the usefulness of this is very limited, because both in Linux
and Windows the owner of files is always allowed to change permissions,
regardless of what the permissions say.
Yes, this is indeed idiotic. Today there is a trend away from home
directories to project directories, but this limitation of ACLs in Linux
and Windows are not very well suited for such directories.
It does not need to be like this. In Novell Netware the admin really
could decide who is allowed to change permissions. There this was the
A-permission, access-control, and even the owners of files could only
change permissions if the admin had granted them the A permission. They
were usually given this in their home directory, but not in project
directories, where many people need to have access.
More information about the samba