Default ACL: Semantics (again)

Peter J. Holzer hjp at wsr.ac.at
Mon Oct 11 14:32:37 GMT 1999


[I just found this mail in my postponed folder - sorry for the delay]

On 1999-10-06 13:04:29 +0200, Andreas Gruenbacher wrote:
> "Peter J. Holzer" wrote:
> > 
> > On 1999-10-05 13:38:44 +0200, Andreas Gruenbacher wrote:
> > > Apart from the fact that with the basic rwx set of permissions,
> > > it is possible for user A to delete and re-create files,
> > 
> > It is also possible for user A to change the acl of the file after
> > creation (he is the owner of the file after all) and then write to it.
> 
> Only if user A is aware of ACLs, and is allowed to login to the host.
> I'm thinking of users through daemons like Samba and FTP.

Newer versions of samba expose the unix permissions to the client as NT
ACLs and there are tools (for NT and Win9x) to inspect and manipulate
them (haven't played with them yet). I would expect Samba to do the same
with ACLs sooner or later. Similarly, Unix FTP servers allow changing
permissions. On a system which has ACLs, the FTP server should also
allow changing the ACLs. 

I think, when designing or implementing a feature one should not assume
that users won't have access to it (but you can't rely on everybody
having full access, either).

> > I don't think so. 5.3.1.2 (2) says:
> > 
> >     Both the ACL_USER_OBJ ACL entry permission bits and the file owner
> >     class permission bits of the access ACL are set to the intersection
> >     of the default ACL's ACL_USER_OBJ permission bits and the file owner
> >     class permission bits in mode.
> > 
> > I couldn't find a definition of "file owner class permission bits of the
> > access ACL", but from context I guess that it means "permission bits
> > of all ACL_USER entries which match the file owner". So I think that
> > user:andy: should be set to ---, too.
> 
> By `file owner class permission bits' they mean the S_IRWXU bits in the
> mode field, to my current understanding.

I don't think this is meant in this context. Firstly it says "of
the access ACL" (as opposed to "in mode" later in the sentence) and
secondly, setting some bits in an input parameter is a bit pointless
unless they are used later (which doesn't seem to be the case).

	hp

-- 
   _  | Peter J. Holzer             | Nobody should ever have to be
|_|_) | Sysadmin WSR / Obmann LUGA  | ashamed if they have a secret love
| |   | hjp at wsr.ac.at               | for writing computer programs that
__/   | http://wsrx.wsr.ac.at/~hjp/ | actually work.  -- Donald E. Knuth
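
The two readings of the clause quoted from 5.3.1.2 (2) in this message, as an added sketch that is not part of the original mail or of any ACL implementation. The entry layout, the `mask_named_owner` switch, the sample default ACL and the create mode are assumptions made for illustration; only that one clause is modelled.

```python
# Added illustration: not code from the thread or from any ACL implementation.
# Models only the clause quoted from 5.3.1.2 (2); all other default ACL
# entries are copied unchanged, which is a simplification.
R, W, X = 4, 2, 1

def fmt(perms):
    """Render permission bits as an rwx string."""
    return "".join(c if perms & b else "-" for c, b in zip("rwx", (R, W, X)))

def inherit(default_acl, mode, owner, mask_named_owner):
    """Return the access ACL a new file gets from a directory's default ACL.

    mask_named_owner=False: only ACL_USER_OBJ is intersected with the
    S_IRWXU bits of mode.
    mask_named_owner=True: ACL_USER entries naming the file owner are
    intersected too (the reading guessed at in the message above).
    """
    owner_bits = (mode >> 6) & 7          # S_IRWXU part of the create mode
    access = []
    for tag, qualifier, perms in default_acl:
        if tag == "ACL_USER_OBJ" or (
            mask_named_owner and tag == "ACL_USER" and qualifier == owner
        ):
            perms &= owner_bits
        access.append((tag, qualifier, perms))
    return access

def show(acl):
    """Format an ACL in the usual short text form, one entry per line."""
    names = {"ACL_USER_OBJ": "user", "ACL_USER": "user", "ACL_GROUP_OBJ": "group",
             "ACL_MASK": "mask", "ACL_OTHER": "other"}
    return "\n".join(f"{names[t]}:{q}:{fmt(p)}" for t, q, p in acl)

# Constructed sample: default ACL of a directory; the file is created by
# "andy" with mode 0070 (no owner bits requested).
DEFAULT_ACL = [
    ("ACL_USER_OBJ", "", R | W | X),
    ("ACL_USER", "andy", R | W | X),
    ("ACL_GROUP_OBJ", "", R | X),
    ("ACL_MASK", "", R | W | X),
    ("ACL_OTHER", "", 0),
]

if __name__ == "__main__":
    for flag in (False, True):
        print(f"mask_named_owner={flag}")
        print(show(inherit(DEFAULT_ACL, 0o070, "andy", flag)), end="\n\n")
```

The two runs differ only in the `user:andy:` line, which is the entry the disagreement is about.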