[nfsv4] Windows/NFSv4 ACL interoperability
David Collier-Brown
davec-b at rogers.com
Tue Mar 28 22:25:35 GMT 2006
**ALL** acls are badly presented: those were posix ones
I used for examples of evilitude (;-))
To be fair, Windows ones are not as badly described
as VMS ones, and they weren't as bad as GCOS ones, and
so on, back to the dawn of time.
--dave (denizen of the dawn of time @ HI-Multics.ARPA) c-b
Michael B Allen wrote:
> On Tue, 28 Mar 2006 09:25:34 -0500
> David Collier-Brown <davec-b at rogers.com> wrote:
>
>
>> I'd like to suggest that acls are presented so badly that
>>they make people's brains explode (;-))
>
>
> Ahh, are Windows ACLs really that bad? I agree they're difficult to
> *fully* understand [1] but most people know enough to be able to safely
> secure shares in a fairly fine grained way. I'm no expert but I know
> enough to suspect that if your groups are well organized, actually
> manipulating the ACLs is relatively straight forward (albeit somewhat
> tedious). If you inherit years of half obsolete poorly structured groups
> or you're a fly-by-the-seat-of-your-pants kinda admin then you're going
> to have problems regardless of what type of ACLs you're using.
>
> Mike
>
> [1] A good description is vital to understanding Windows ACLs. Keith
> Brown's _.NET Developer's Guide to Windows Security_ did it for me. Note
> there's not that much in there for developers - it's a very good
> text for admins as well. The whole book is available online here:
> http://pluralsight.com/wiki/default.aspx/Keith.GuideBook.HomePage
>
--
David Collier-Brown, | Always do right. This will gratify
System Programmer and Author | some people and astonish the rest
davecb at spamcop.net | -- Mark Twain
(416) 223-5943
More information about the samba-technical
mailing list