Date: Sun, 18 Mar 2001 12:42:17 -0700 From: Brett Glass <brett@lariat.org> To: Terry Lambert <tlambert@primenet.com>, babkin@bellatlantic.net (Sergey Babkin) Cc: security@FreeBSD.ORG, wes@softweyr.com (Wes Peters), rwatson@FreeBSD.ORG (Robert Watson), fs@FreeBSD.ORG Subject: Re: about common group & user ID space (PR kern/14584) Message-ID: <4.3.2.7.2.20010318123759.00d9dd10@localhost> In-Reply-To: <200103180738.AAA03250@usr05.primenet.com> References: <3AB3FC38.94711FFF@bellatlantic.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:38 AM 3/18/2001, Terry Lambert wrote: >The benefits in not having the grovel through the FS contents, or >do a more complex ID space transformations, and the moving of the >majority of changes to user space, combined with the fact that if >you turn it off, the ownership doesn't need to be reverted, are >all plusses. At the same time, it'd be nice to eliminate the arbitrary limitations on (a) the number of groups of which a user can be a member and (b) the number of members in a group. Both of these limitations often bite administrators who, for example, want most users of a system to be members of a particular group or want to implement group-based access control schemes with a moderate degree of granularity. Classes won't cut it for this purpose, alas, because they're not built into file system security. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20010318123759.00d9dd10>