Default ACL: Semantics (again)

James Buster bitbug at seal.engr.sgi.com
Wed Oct 6 22:33:22 GMT 1999 

On Oct 6, 12:36pm, "Peter J. Holzer" wrote:
} Subject: Re: Default ACL: Semantics (again)
} 
} On 1999-10-05 13:38:44 +0200, Andreas Gruenbacher wrote:
} > The rules suggested don't allow, for files created, to grant
} > different rights to different users. Consider the following
} > scenario:
} > 
} >   User A shall be allowed to create files, but is not
} >          allowed zo change the files created afterwards.
} >          
} >   User B is allowed to create files, and is also allowed
} >          to change the files afterwards.
} > 
} > Apart from the fact that with the basic rwx set of permissions,
} > it is possible for user A to delete and re-create files,
} 
} It is also possible for user A to change the acl of the file after
} creation (he is the owner of the file after all) and then write to it.

Even that isn't necessary. creat() ignores both file permissions and
ACLs when creating files. For example,
	int fd;
	...
	fd = creat("/tmp/xxx", 0);
will create a file whose permission set doesn't permit the owner to
write to it, yet they have a file descriptor that allows writing. This
is very useful in creating temporary files that nobody can read without
having a race between open() and chmod(). What Mr. Gruenbacher wants
cannot be done without a fundamental change in the semantics of Unix
file creation.

} I don't think so. 5.3.1.2 (2) says:
} 
}     Both the ACL_USER_OBJ ACL entry permission bits and the file owner
}     class permission bits of the access ACL are set to the intersection
}     of the default ACL's ACL_USER_OBJ permission bits and the file owner
}     class permission bits in mode. 
} 
} I couldn't find a definition of "file owner class permission bits of the
} access ACL", but from context I guess that it means "permission bits
} of all ACL_USER entries which match the file owner". So I think that
} user:andy: should be set to ---, too.

The "file owner class permission bits" correspond to the permissions
associated with the ACL_USER_OBJ entry.

You must be using an old draft. The words "of the access ACL" are not
present in draft 15. That now reads

	Both the ACL_USER_OBJ ACL entry permission bits and the file owner
	class permission bits are set to the intersection of the default
	ACL's ACL_USER_OBJ permission bits and the file owner class
	permission bits in the mode parameter.

-- 
Planet Bog -- pools of toxic chemicals bubble under a choking
atomsphere of poisonous gases... but aside from that, it's not
much like Earth.
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message

More information about the posix1e mailing list