Date: Thu, 26 Dec 1996 19:41:55 -0500 (EST) From: Charles Owens <owensc@enc.edu> To: David Leonard <leonard@dstc.edu.au> Cc: hackers@freebsd.org Subject: Re: multi-group file access techniques (repost) Message-ID: <Pine.FBS.3.93.961226193051.24907B-100000@dingo.its.enc.edu> In-Reply-To: <199612262334.JAA07441@foxtail.dstc.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 27 Dec 1996, David Leonard wrote:
> In dstc.mail.freebsd.hackers you write:
>
> > .../man_readable_c is a "control directory," a technique that seems
> [...]
> > making 'www' the owner of all "choke point" directories:
>
> okay, so this technique is emulating ACLs by concatenating the unix
> permissions on ancestor directories. (correct me if ive got this wrong)
Yep, that's the general idea.
> > In his article, Doug Morris also speaks of a technique of using hard links
> > of directories to achieve a similar effect. This technique could be used
> > in tandem with the above to add more flexibility, but we all know the
> > GREAT EVIL that hard linked directories are. :-)
>
> this could also be done with portalfs or nullfs? hard links can
> introduce inter-device cycles in the filesystem tree which many
> program (libraries) rely on the non-existence of.
>
> imho introducing ACLs is admitting to complexity :)
I agree with the sentiment!
> The really simple solution is having billions of groups and encoding the
> ACL in them... a perl script should do it :) :) :)
What exactly do you mean by 'encoding the ACL in them'. Could you flesh
this out a bit... perhaps including an example?
Thanks!
---
-------------------------------------------------------------------------
Charles Owens Email: owensc@enc.edu
"I read somewhere to learn is to
Information Technology Services remember... and I've learned that
Eastern Nazarene College we've all forgot..." - King's X
-------------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.FBS.3.93.961226193051.24907B-100000>