> On Fri, Sep 24, 1999 at 05:47:34PM -0400, Stephen Frost wrote:
> > On Fri, 24 Sep 1999, Michael Bacarella wrote:
> >
> > > This brings up another issue.
> > >
> > > Who is allowed to see what ACLs are in place?
> > >
> > > I know I would feel pretty insulted if I looked at a friend's ACL and he
> > > gave everyone BUT me LOOKUP access to his directories. It'd also suck
> > > for that person if I found out. :)
> >
> > I would hazzard a guess at, if you can read the files, you can read
> > the ACLs on that file. Otherwise it would be, if you can read the directory,
> > you can read the ACLs, final thouhts, you have to be on the appropriate ACL
> > list to read the ACLs. ;) Just a couple thoughts.
> >
> > Stephen
>
> On AIX and in DCE/DFS, ACLs are shown with their own command
> ("acl_edit -l", "lsacl", or the like). They are viewable by anyone
> (just like permissions). They are only changeable by people with the
> correct ACL to change ('c' in DFS).
> True, you might get upset if your friend has denied only you. But
> chances are there is a reason, and you'll already know why :-)
> I've been pretty happy with the flexibility and granularity of
> ACLs in DFS (they are per-file, btw). The accessing tool, dcecp, is
> awkward, but I have fixed that with ls/chmod workalikes lsacl and
> chacl.
Then like permissions, if you don't have access to the directory,
you can't see the permissions on a file inside the directory. :) The only
problem with this of course being, if you use ACLs on your directory, and
your friend can see that... :)
Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/