Date: Mon, 9 Feb 2004 10:42:16 -0600
From: Dan Nelson
To: Harti Brandt
Cc: freebsd-hackers@freebsd.org, Tim Kientzle
Subject: Re: Odd ACL question

In the last episode (Feb 09), Harti Brandt said:
> On Sun, 8 Feb 2004, Tim Kientzle wrote:
> TK>On Sat, 7 Feb 2004, Tim Kientzle wrote:
> TK>>Joerg Schilling's "star" archives ACLs as follows:
> TK>>
> TK>>"user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
> TK>>
> TK>>Note the "group:mail:rw-:6" entry that contains a fourth
> TK>>field with the uid/gid number.
...
> TK>
> TK> * If the username exists and the UID conflicts with the local
> TK>   system, ???
> TK>
> TK>This last case is the tough one. My temptation: map it to
> TK>an unused UID, issue a warning about the remap, and keep going.
>
> That may cause the problem I described. This may leave a file in a
> user directory that the user cannot delete without intervention of
> the root user, but it's probably the simplest solution. What about
> non-existing groups?

Any file that a user creates, that user can delete. If you're talking
about a root user extracting something into a user's directory, that's
different, but you have the same problem even without ACLs.

-- 
Dan Nelson
dnelson@allantgroup.com
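
Added example, not part of the thread and not code from star or any tar implementation: a parser for the star-style ACL text quoted above that reports, for each named entry, whether the archived name and numeric ID agree with a local account table. The `local_ids` table, the function names and the status labels are assumptions made for illustration; the code only detects the conflict case and applies no remap policy.

```python
from typing import NamedTuple, Optional

# The ACL text quoted in the thread (star's format with a numeric 4th field).
PAGE_ACL = "user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"

class AclEntry(NamedTuple):
    tag: str                     # user, group, mask or other
    name: str                    # empty for owner/owning-group/mask/other
    perms: str                   # three characters, e.g. "rw-"
    archived_id: Optional[int]   # uid/gid recorded in the archive, if any

def parse_acl(text):
    """Split a star-style ACL string into AclEntry tuples, rejecting bad input."""
    entries = []
    for item in text.split(","):
        fields = item.strip().split(":")
        if len(fields) not in (3, 4):
            raise ValueError("malformed ACL entry: %r" % item)
        tag, name, perms = fields[:3]
        if tag not in ("user", "group", "mask", "other"):
            raise ValueError("unknown ACL tag: %r" % item)
        if len(perms) != 3 or any(p not in (c, "-") for p, c in zip(perms, "rwx")):
            raise ValueError("bad permission field: %r" % item)
        archived_id = int(fields[3]) if len(fields) == 4 else None
        entries.append(AclEntry(tag, name, perms, archived_id))
    return entries

def classify(entry, local_ids):
    """Compare one entry with the local (tag, name) -> id table (hypothetical labels)."""
    if not entry.name:
        return "unnamed"          # owner/mask/other: nothing to resolve
    local_id = local_ids.get((entry.tag, entry.name))
    if local_id is None:
        return "name-unknown"     # name does not exist on this system
    if entry.archived_id is None or entry.archived_id == local_id:
        return "match"
    return "id-conflict"          # same name, different number: the hard case

def audit(text, local_ids):
    """Return (name, status) for every named entry in the ACL string."""
    return [(e.name, classify(e, local_ids)) for e in parse_acl(text) if e.name]

if __name__ == "__main__":
    # Constructed local table: group "mail" has a different gid than the archive.
    print(audit(PAGE_ACL, {("group", "mail"): 8}))
```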