From owner-freebsd-hackers  Wed Jun 18 12:10:24 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id MAA04321
          for hackers-outgoing; Wed, 18 Jun 1997 12:10:24 -0700 (PDT)
Received: from cypher.net (black@zen.pratt.edu [205.232.115.155])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA04316
          for <hackers@FreeBSD.ORG>; Wed, 18 Jun 1997 12:10:16 -0700 (PDT)
Received: (from black@localhost) by cypher.net (8.8.5/8.7.1) id PAA01948; Wed, 18 Jun 1997 15:08:43 -0400
Date: Wed, 18 Jun 1997 15:08:43 -0400 (EDT)
From: Ben Black <black@zen.cypher.net>
To: Terry Lambert <terry@lambert.org>
cc: Drew Derbyshire <ahd@kew.com>, hackers@FreeBSD.ORG
Subject: Re: granting auth to processes
In-Reply-To: <199706181709.KAA20980@phaeton.artisoft.com>
Message-ID: <Pine.LNX.3.91.970618150727.1835B-100000@zen.cypher.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

because ACLs are generally pretty heavyweight and in my experience with 
NT tremendously easy to misconfigure.  i am a big fan of capabilities 
because they are only marginally more complex than traditional UNIX 
permissions, while allowing arbitrary levels of access control.

On Wed, 18 Jun 1997, Terry Lambert wrote:

> [ ... he want's ACLs ... ]
> 
> Why not use ACLs?
> 
> Seriously, there are a number of people who have asked me questions
> about data-hiding and name space intrusions for projects like quota
> FS's, compressing FS's, and ACL FS's.  I'm sure at least several of
> them are close to working code, if not already there.  You should
> ask on the FS list.
> 
> 
> 					Terry Lambert
> 					terry@lambert.org
> ---
> Any opinions in this posting are my own and not those of my present
> or previous employers.
>