Default ACL: Semantics (again)
Andreas Gruenbacher
a.gruenbacher at infosys.tuwien.ac.at
Tue Oct 5 11:38:44 GMT 1999
POSIX 1003.1e Draft Standard 17 defines how a Default ACL is
applied to files and directories (if the parent directory has
a default ACL). Sorry for my last posing about that--I didn't
find that section until recently. The points I tried to make
there are still valid, though.
The rules suggested don't allow, for files created, to grant
different rights to different users. Consider the following
scenario:
User A shall be allowed to create files, but is not
allowed zo change the files created afterwards.
User B is allowed to create files, and is also allowed
to change the files afterwards.
Apart from the fact that with the basic rwx set of permissions,
it is possible for user A to delete and re-create files,
it is also not possible to treat user A and B differently
with the Default ACL.
The standard explicitly allows to add permissions like `add only'
in ACLs implementations, so the limitations of rwx can be
overcome (quite easily, it seems) by adding an `add only'
permission. These things have been discussed on this list some
time ago.
The scheme proposed may lead to weird results, like in this
case:
andy at snowball:/acl/test > getfacl .
# file: .
# owner: lisa
# group: toolies
user::rwx
user:andy:rwx
group::---
mask:rwx
other:---
default:user::---
default:user:andy:rwx
default:group::---
default:mask:rwx
default:other:---
andy at snowball:/acl/test > echo "test" >file1
andy at snowball:/acl/test > getfacl file1
# file: file1
# owner: andy
# group: toolies
user::---
user:andy:rwx #effective:rw-
group::---
mask:rw-
other:---
andy at snowball:/acl/test > cat file1
cat: file1: Permission denied
What are the reasons not to `top up' the permissions of the
owner with the permissions tranted to him/her by named ACL
entries? In the above case, this would lead to a more
logical result:
andy at snowball:/acl/test > echo "test" >file1
andy at snowball:/acl/test > getfacl file1
# file: file1
# owner: andy
# group: toolies
user::rw-
user:andy:rwx #effective:rw-
group::---
mask:rw-
other:---
(Note that the owner only gets rw- instead of andy's rwx, because
the maximum rights requested in this case are 0666.)
(
The relevant sections in the POSIX 1003.1e
Draft Standard 17 are:
5.3.1.2 (page 23), 5.4.1.2 (page 25)
Draft Standard 17 can be found at:
http://www.guug.de/~winni/posix.1e/download.html
)
Andreas
------------------------------------------------------------------------
Andreas Gruenbacher, Vienna University of Technology
a.gruenbacher at infosys.tuwien.ac.at
Contact information: http://www.infosys.tuwien.ac.at/~agruenba
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list