From owner-freebsd-questions@FreeBSD.ORG Sun Mar 13 18:35:04 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7833E16A4CE for ; Sun, 13 Mar 2005 18:35:04 +0000 (GMT) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 842B643D1F for ; Sun, 13 Mar 2005 18:35:03 +0000 (GMT) (envelope-from freebsd-questions@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1DAXua-0007Gh-Ro for freebsd-questions@freebsd.org; Sun, 13 Mar 2005 19:34:00 +0100 Received: from pcp08490587pcs.levtwn01.pa.comcast.net ([68.83.169.224]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 13 Mar 2005 19:34:00 +0100 Received: from apeiron+usenet by pcp08490587pcs.levtwn01.pa.comcast.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 13 Mar 2005 19:34:00 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Christopher Nehren Date: Sun, 13 Mar 2005 18:32:43 +0000 (UTC) Organization: /usr/bin/false Lines: 30 Message-ID: References: <1783108411.20050313132006@wanadoo.fr> X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: pcp08490587pcs.levtwn01.pa.comcast.net User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news X-Gmane-MailScanner: Found to be clean X-Gmane-MailScanner: Found to be clean X-Gmane-MailScanner-SpamScore: s X-MailScanner-From: freebsd-questions@m.gmane.org X-MailScanner-To: freebsd-questions@freebsd.org Subject: Re: Who is using ACLs in production? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Mar 2005 18:35:04 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2005-03-13, Anthony Atkielski scribbled these curious markings: > Anyone using ACLs in production on FreeBSD 5.x? If so, how do you use > them, and what are your impressions? How do they affect performance, > how reliable is the code, does it really help security, etc.? While not a "traditional" production environment, my 5.x webserver uses ACLs to keep user home directories relatively private but accessible at the same time. I didn't want to open up my home directory to every user on the system. But at the same time I didn't want to set my files to group www. ACLs provide a nice middle ground in that sort of situation. Best Regards, Christopher Nehren -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCNIgUk/lo7zvzJioRAjh1AJ9z1tn23YSbKNmFlF8ef8f/ERReaACgmZGH x0X6e2WdHTXORTDlSPUtwXw= =Re5U -----END PGP SIGNATURE----- -- I abhor a system designed for the "user", if that word is a coded pejorative meaning "stupid and unsophisticated". -- Ken Thompson If you ask the wrong questions, you get answers like "42" and "God". Unix is user friendly. However, it isn't idiot friendly.