From owner-freebsd-hackers Wed Oct 27 17:12: 9 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from smtp02.teb1.iconnet.net (smtp02.teb1.iconnet.net [209.3.218.43]) by hub.freebsd.org (Postfix) with ESMTP id 0EDA514E2D for ; Wed, 27 Oct 1999 17:11:50 -0700 (PDT) (envelope-from babkin@bellatlantic.net) Received: from bellatlantic.net (client-151-198-135-41.bellatlantic.net [151.198.135.41]) by smtp02.teb1.iconnet.net (8.9.1/8.9.1) with ESMTP id UAA17351; Wed, 27 Oct 1999 20:11:32 -0400 (EDT) Message-ID: <381795EA.AD384579@bellatlantic.net> Date: Wed, 27 Oct 1999 20:16:42 -0400 From: Sergey Babkin X-Mailer: Mozilla 4.07 [en] (X11; I; FreeBSD 3.0-980222-SNAP i386) MIME-Version: 1.0 To: Chuck Youse Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: UFS ACLs References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Chuck Youse wrote: > > I admittedly haven't done much homework on this topic, but I was wondering > if anyone has played with the idea of implementing ACLs on top of UFS. > > One of the weakest areas in UNIX is its lack of fine-grained access > control for resources - the biggest resource being, of course, the > filesystem. As my personal experience with Novell Netware shows most of the time the presence of the fine-grained access control is a great temptation to create a complete mess in the filesystem. The thing I personally feel neccessary is being able to assign access rights to a file to two separate groups because it's cheap and resolves most of the problems. I have implemented it as a small patch that works with both FFS and EXT2FS in FreeBSD. Let me know if you are interested in looking at it. -SB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message