[kwlug-disc] Access rights to file/folder
Eric Gerlach
eric+kwlug at gerlach.ca
Wed Jul 28 17:20:38 EDT 2010
Excerpts from John Van Ostrand's message of Wed Jul 28 17:16:22 -0400 2010:
>
> ----- Original Message -----
> > --- On Wed, 7/28/10, John Van Ostrand <john at netdirect.ca> wrote:
>
> > Except if there are some Legal documents that HR must have access to.
> > Then you need to create that other group and maybe the head of HR may
> > need access to a different "Legal Documents" subset that other HR
> > people don't have access to.
>
> Then it is classified differently. Isn't this what security is all about. Classifying data and assigning permissions?
>
>
> > A) As you described: Creating a ACL that other users and/or ACLs
> > belong to then granting access to that ACL
> >
> > B) As I described before: Granting rights to several users and/or ACLs
>
> But with the standard permissions, the sticky bit and a proper umask I can control inheritance of permissions. I don't see how that can be done with ACLs.
>
> How do I make it so that files created by Alice, who doesn't share a group with Bob, can be edited by Bob, but not others? The same could be said for read permissions.
You set the "default" ACL for the directory. That is the ACL that is
inherited by any subdirectories.
Cheers,
Eric
More information about the kwlug-disc
mailing list