1 |
Alan McKinnon <alan.mckinnon@×××××.com> wrote: |
2 |
|
3 |
> The permissions issue is an artifact of how NFS works. Sun designed it |
4 |
> to deliver entire filesystems over the network (most often /usr and-or |
5 |
> /home) to trusted clients. "trusted" being the operative word. To get |
6 |
> Unix permissions to work, the uid on the share and client have to match |
7 |
> - that's why we also have NIS - but I've never seen NIS actually used |
8 |
> anywhere, so UIDs tend to be a mix 'n match and almost always devolves |
9 |
> into "full access" to get it to work. |
10 |
|
11 |
This is how NFS was designed before 1987, when Kerberos came up.... |
12 |
> |
13 |
> CIFS work different, it auths users by username and supports per-field |
14 |
> access control. That's how that protocol works. |
15 |
|
16 |
This is how NFSv4 works. |
17 |
|
18 |
BTW: as long as Linux does not support modern ACLs (originally defined by NTFS, |
19 |
now standardized by NFSv4) Linux will not be able to take advantage from CIFS |
20 |
ACLs. |
21 |
|
22 |
Jörg |
23 |
|
24 |
-- |
25 |
EMail:joerg@××××××××××××××××××××××××.de (home) Jörg Schilling D-13353 Berlin |
26 |
js@××××××××××××.de (uni) |
27 |
joerg.schilling@××××××××××××××××.de (work) Blog: http://schily.blogspot.com/ |
28 |
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily |