Date: Mon, 9 Feb 2004 10:42:16 -0600
From: Dan Nelson <dnelson@allantgroup.com>
To: Harti Brandt <brandt@fokus.fraunhofer.de>
Cc: Tim Kientzle <kientzle@acm.org>
Subject: Re: Odd ACL question
Message-ID: <20040209164216.GA26419@dan.emsphone.com>
In-Reply-To: <20040209122341.S32427@beagle.fokus.fraunhofer.de>
References: <4025A0DD.2010607@acm.org> <20040208134125.L28775@beagle.fokus.fraunhofer.de> <40269DF5.2090806@acm.org> <20040209122341.S32427@beagle.fokus.fraunhofer.de>

In the last episode (Feb 09), Harti Brandt said:
> On Sun, 8 Feb 2004, Tim Kientzle wrote:
> TK>On Sat, 7 Feb 2004, Tim Kientzle wrote:
> TK>>Joerg Schilling's "star" archives ACLs as follows:
> TK>>
> TK>>"user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
> TK>>
> TK>>Note the "group:mail:rw-:6" entry that contains a fourth
> TK>>field with the uid/gid number.
...
> TK>
> TK> * If the username exists and the UID conflicts with the local
> TK>   system, ???
> TK>
> TK>This last case is the tough one. My temptation: map it to
> TK>an unused UID, issue a warning about the remap, and keep going.
>
> That may cause the problem I described. This may leave a file in a
> user directory that the user cannot delete without intervention of
> the root user, but it's probably the simplest solution. What about
> non-existing groups?

Any file that a user creates, that user can delete. If you're talking
about a root user extracting something into a user's directory, that's
different, but you have the same problem even without ACLs.

-- 
	Dan Nelson
	dnelson@allantgroup.com
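
Added example, not part of the original message and not code from star or from anyone in the thread: a parser for the four-field ACL text quoted above that reports, for each named entry, whether the archived numeric id agrees with the local database. The lookup tables and the category names are constructed for illustration; a real extractor would consult the system password and group databases, and what to do on a conflict is left to the caller.

```python
from typing import Callable, NamedTuple, Optional

TAGS = ("user", "group", "mask", "other")

class AclEntry(NamedTuple):
    tag: str                   # one of TAGS
    name: str                  # empty for owner, owning group, mask, other
    perms: str                 # e.g. "rw-"
    numeric_id: Optional[int]  # optional fourth field (uid/gid), if archived

def parse_acl(text: str) -> list:
    """Split the comma-separated ACL text into validated entries."""
    entries = []
    for item in text.split(","):
        fields = item.strip().split(":")
        if len(fields) not in (3, 4) or fields[0] not in TAGS:
            raise ValueError(f"malformed ACL entry: {item!r}")
        perms = fields[2]
        if len(perms) != 3 or any(c not in (ok, "-") for c, ok in zip(perms, "rwx")):
            raise ValueError(f"bad permission field: {item!r}")
        numeric_id = None
        if len(fields) == 4:
            if not fields[3].isdigit():  # rejects "", "-1", "6x"
                raise ValueError(f"bad numeric id: {item!r}")
            numeric_id = int(fields[3])
        entries.append(AclEntry(fields[0], fields[1], perms, numeric_id))
    return entries

def classify(entry: AclEntry, lookup: Callable[[str, str], Optional[int]]) -> str:
    """Compare the archived name/id pair with the local database."""
    if not entry.name:
        return "unnamed"            # owner/mask/other: nothing to map
    local_id = lookup(entry.tag, entry.name)
    if local_id is None:
        return "name-unknown"       # name does not exist locally
    if entry.numeric_id is None:
        return "no-archived-id"     # three-field entry, name only
    return "match" if local_id == entry.numeric_id else "id-conflict"

def report(text: str, lookup) -> dict:
    """Map each named entry's 'tag:name' to its classification."""
    return {f"{e.tag}:{e.name}": classify(e, lookup)
            for e in parse_acl(text) if e.name}

# ACL text quoted in the thread; the local tables below are constructed.
SAMPLE = "user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
SAME_HOST = lambda tag, name: {("group", "mail"): 6}.get((tag, name))
OTHER_HOST = lambda tag, name: {("group", "mail"): 12}.get((tag, name))

if __name__ == "__main__":
    print(report(SAMPLE, SAME_HOST), report(SAMPLE, OTHER_HOST))
```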