| 1 |
On 11/06/18 09:54, Joerg Schilling wrote: |
| 2 |
> Wol's lists <antlists@××××××××××××.uk> wrote: |
| 3 |
> |
| 4 |
>> On 09/06/18 18:09, Rich Freeman wrote: |
| 5 |
> ... |
| 6 |
>>> downsides as well, in particular it is certainly more complex and at |
| 7 |
>>> work we practically forbid any kind of windows ACLs at anything other |
| 8 |
>>> than the top mount level because it is so hard to control. |
| 9 |
>> |
| 10 |
>> Windows is better than POSIX?! That doesn't say much for POSIX then, |
| 11 |
>> seeing as I feel Windows ACLs are overly complex and difficult! |
| 12 |
> |
| 13 |
> Well, "Windows ACLs" is the only ACL system that is standardized (as part of |
| 14 |
> the NFSv4 standard). The old proposal in POSIX.1e from 1993 from Sun has been |
| 15 |
> withdrawn in 1997 since the customers did not like it. |
| 16 |
> |
| 17 |
Ummm - just because it's standard doesn't mean it's any good :-) |
| 18 |
|
| 19 |
This version I'm talking about dates from about 1983. The company making |
| 20 |
it went bust in 1991. |
| 21 |
|
| 22 |
I've just had a quick look at the NFS v4 RFC, and almost the first thing |
| 23 |
I see is DENY entries. These ACLs don't have deny, because it's |
| 24 |
pointless. And DENY is exactly why I think Posix/Windows ACLs are |
| 25 |
confusing and hard to use. |
| 26 |
|
| 27 |
Cheers, |
| 28 |
Wol |
Archives