| Re: [stellation-res] Access control list inheritance behavior question |
On Sat, 2002-09-28 at 13:39, Mark C. Chu-Carroll wrote: > Content-Type: text/plain > Content-Transfer-Encoding: quoted-printable > > On Sat, 2002-09-28 at 17:16, Florin Iucha wrote: > >=20 > > I suggest we follow the "principle of least astonishment" and go with > > the POSIX behavior for ACLs - I have no clue what it is, but supposedly > > they thought about it and some people/admins are already familiar with > > it. Or come with a good reason why not. > > I don't know what the POSIX ACL behavior is. But they're talking about > filesystem ACLs, and we're talking about repository ACLs, and those > are very different things. I'll look up what POSIX does, and see if I > can paraphrase what a POSIX-like ACL inheritance mechanism would > look like, as an option. As far as I can tell reading the posix documents that I found online, there is no inheritance in POSIX ACLs. POSIX ACLs are basically an extension of the permission mask in normal unix filesystems; and instead of using a permission inheritance mechanism, they use a umask. The only inheritance-like mechanism I can find is the s-bit on BSD directories. The S-bit works like option-1, the copy-ACL-on-create option. -Mark -- Mark Craig Chu-Carroll, IBM T.J. Watson Research Center *** The Stellation project: Advanced SCM for Collaboration *** http://www.eclipse.org/stellation *** Work Email: mcc@xxxxxxxxxxxxxx ------- Personal Email: markcc@xxxxxxxxxxx
Attachment:
signature.asc
Description: This is a digitally signed message part