private group administration
Till Maas
opensource at till.name
Sat Oct 18 06:45:07 UTC 2008
On Sat October 18 2008, Colin Walters wrote:
> On Fri, Oct 17, 2008 at 8:12 PM, Matthew Woehlke
>
> <mw_triad at users.sourceforge.net> wrote:
> > If 'chmod g+w file;chgrp foo file' is too much work then there should be
> > a command that can do both.
>
> Groups are broken. Use access control lists: "man setfacl"
ACLs inherit the brokenness of groups, e.g. it is not possible to enforce that
everything within a certain directory is owned by everyone of a group, i.e.
they all can do whatever they want with these files and directories without
using sudo. The problem is, that the group permissions of a file constrain
the permissions for all group acl permissions.
Regards,
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20081018/d0e5af8d/attachment.bin
More information about the devel
mailing list