Date: Mon, 19 Mar 2001 23:40:43 -0500 (EST) From: Robert Watson <rwatson@freebsd.org> To: Sergey Babkin <babkin@bellatlantic.net> Cc: security@freebsd.org, Wes Peters <wes@softweyr.com>, fs@freebsd.org Subject: Re: about common group & user ID space (PR kern/14584) Message-ID: <Pine.NEB.3.96L.1010319233826.69303D-100000@fledge.watson.org> In-Reply-To: <Pine.NEB.3.96L.1010319223106.69303B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 19 Mar 2001, Robert Watson wrote: > Personally, I'm a fan of the AFS ACL model, where protections are present > only on directories, hard links are prohibited, and sub-directories > inherit protections on creation. I even had an implementation of this on > FreeBSD at one point, although it's quite dated now. However, ACLs have > a number of things going for them: Just as an aside, btw, AFS uses a common numeric namespace for both users and groups, as well as for remote users from other cells. Users can also allocate and manage groups on demand. The single numeric namespace makes things a lot more consistent :-). (although I think it allocates negative values to groups, and positive ones to users..) Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010319233826.69303D-100000>