Default ACL: Semantics (again)

Andreas Gruenbacher a.gruenbacher at infosys.tuwien.ac.at
Tue Oct 5 11:38:44 GMT 1999


POSIX 1003.1e Draft Standard 17 defines how a Default ACL is
applied to files and directories (if the parent directory has
a default ACL). Sorry for my last posting about that--I didn't
find that section until recently. The points I tried to make
there are still valid, though.


The rules suggested don't allow, for files created, to grant
different rights to different users. Consider the following
scenario:

  User A shall be allowed to create files, but is not
         allowed to change the files created afterwards.
         
  User B is allowed to create files, and is also allowed
         to change the files afterwards.

Apart from the fact that with the basic rwx set of permissions,
it is possible for user A to delete and re-create files,
it is also not possible to treat user A and B differently
with the Default ACL.

The standard explicitly allows adding permissions like `add only'
in ACL implementations, so the limitations of rwx can be
overcome (quite easily, it seems) by adding an `add only'
permission. These things have been discussed on this list some
time ago.

The scheme proposed may lead to weird results, like in this
case:
	andy at snowball:/acl/test > getfacl .
	# file: .
	# owner: lisa
	# group: toolies
	user::rwx
	user:andy:rwx
	group::---
	mask:rwx
	other:---
	default:user::---
	default:user:andy:rwx
	default:group::---
	default:mask:rwx
	default:other:---

	andy at snowball:/acl/test > echo "test" >file1
	andy at snowball:/acl/test > getfacl file1
	# file: file1
	# owner: andy
	# group: toolies
	user::---
	user:andy:rwx                   #effective:rw-
	group::---
	mask:rw-
	other:---

	andy at snowball:/acl/test > cat file1
	cat: file1: Permission denied

What are the reasons not to `top up' the permissions of the
owner with the permissions granted to him/her by named ACL
entries? In the above case, this would lead to a more
logical result:

	andy at snowball:/acl/test > echo "test" >file1
	andy at snowball:/acl/test > getfacl file1
	# file: file1
	# owner: andy
	# group: toolies
	user::rw-
	user:andy:rwx                   #effective:rw-
	group::---
	mask:rw-
	other:---

(Note that the owner only gets rw- instead of andy's rwx, because
 the maximum rights requested in this case are 0666.)


(
The relevant sections in the POSIX 1003.1e
Draft Standard 17 are:
  5.3.1.2 (page 23), 5.4.1.2 (page 25)


Draft Standard 17 can be found at:
  http://www.guug.de/~winni/posix.1e/download.html
)


Andreas

------------------------------------------------------------------------
 Andreas Gruenbacher, Vienna University of Technology
 a.gruenbacher at infosys.tuwien.ac.at
 Contact information: http://www.infosys.tuwien.ac.at/~agruenba
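
Added illustration, not part of the original message and not code from any ACL implementation: a small Python model of the Draft 17 inheritance rule and access-check order that reproduces the transcript above, plus the `top up' variant. The function names, the dictionary layout, and the choice to OR the creator's named default entry into the owner entry are assumptions made for this example.

```python
# Added example (not from the original post). Permissions are rwx bitmasks.
R, W, X = 4, 2, 1

def perm(s):
    """Convert a string such as 'rw-' to its bitmask (6)."""
    return sum(bit for ch, bit in zip(s, (R, W, X)) if ch != "-")

def inherit(default_acl, mode, creator=None, top_up=False):
    """Build a new file's access ACL from the parent's default ACL.

    Keys: 'user', 'group', 'mask', 'other', and ('user', name) for named
    users. mode is the creation mode, e.g. 0o666. Owner, mask and other
    are the default entries ANDed with the matching mode bits; named
    entries are copied unchanged.
    """
    acl = dict(default_acl)
    owner = default_acl["user"]
    if top_up:  # assumed reading of the proposal: add the creator's named entry
        owner |= default_acl.get(("user", creator), 0)
    acl["user"] = owner & (mode >> 6) & 7
    # When a mask entry exists, the group-class mode bits limit the mask.
    key = "mask" if "mask" in acl else "group"
    acl[key] = default_acl[key] & (mode >> 3) & 7
    acl["other"] = default_acl["other"] & mode & 7
    return acl

def allowed(acl, owner, user, want, in_group=False):
    """Access check: owner entry first, then named user, group, other."""
    mask = acl.get("mask", 7)
    if user == owner:                 # owner match ends the search here,
        granted = acl["user"]         # so a named entry for the owner is ignored
    elif ("user", user) in acl:
        granted = acl[("user", user)] & mask
    elif in_group:
        granted = acl["group"] & mask
    else:
        granted = acl["other"]
    return (granted & want) == want

# Default ACL of /acl/test as shown by getfacl in the message.
DEFAULT = {"user": perm("---"), ("user", "andy"): perm("rwx"),
           "group": perm("---"), "mask": perm("rwx"), "other": perm("---")}

if __name__ == "__main__":
    draft = inherit(DEFAULT, 0o666)
    topped = inherit(DEFAULT, 0o666, creator="andy", top_up=True)
    print("draft 17: andy can read file1:", allowed(draft, "andy", "andy", R))
    print("top up:   andy can read file1:", allowed(topped, "andy", "andy", R))
```

The same named entry would grant andy rw- on a file owned by someone else, which is why the owner-only denial looks inconsistent.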