From owner-freebsd-security@FreeBSD.ORG Fri Aug 29 09:00:41 2008 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D2949106567D for ; Fri, 29 Aug 2008 09:00:41 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id AEC298FC0A for ; Fri, 29 Aug 2008 09:00:41 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 2682446C4F; Fri, 29 Aug 2008 05:00:41 -0400 (EDT) Date: Fri, 29 Aug 2008 10:00:41 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Boris Kochergin In-Reply-To: <48B6E6EB.1030305@acm.poly.edu> Message-ID: References: <48B6E6EB.1030305@acm.poly.edu> User-Agent: Alpine 1.10 (BSF 962 2008-03-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-security@freebsd.org Subject: Re: ACLs overriding umasks? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Aug 2008 09:00:41 -0000 On Thu, 28 Aug 2008, Boris Kochergin wrote: > Hi, list. A few years ago, there were plans to add an option to the > filesystem ACL implementation that would allow ACLs to override umasks when > creating files. I haven't been able to find anything else conclusive on the > matter and was wondering if it was ever implemented. Thanks. Hi Boris: The quick answer is: no, that hasn't happened yet, but it would be nice to do it for 8.0. There's a large in-progress project as part of Google Summer of Code to implement NFSv4 ACLs as well, which we should hear more on soon now that the summer is wrapping up. Robert N M Watson Computer Laboratory University of Cambridge