[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: ACL complexity

From: Ondrej Valousek
Subject: RE: ACL complexity
Date: Fri, 13 Jan 2023 10:03:07 +0000

> More generally, I find the semantics and the syntax of ACLs on most systems 
> to be more demanding than what the average command-line user can grok. 
Completely agree here, especially true for so-called posix draft ACLs.
> While for random features of the OS this would just be a nuisance that can be 
> ignored, for a feature with impact on security this is a major problem.

> Suggestion: Add a mode to 'ls' (not to getfacl, because average users know 
> about 'ls' only) that displays the same info with explanations.
It doesn't matter if the output is 25 lines instead of 8 lines, in this mode.

Well, I was thinking about it as well, see how nicely the OpenSolaris/OmniOS 
does it using it's -V option:
root@omnios:/mnt# ls -lV acl
-rw-r--r--+  1 root     root           5 Jan  4 09:11 acl

maybe we could reuse some of the code from there (not sure about the legal 
stuff). The problem is also that I'd like to include support for NFS4 acls, and 
since Linux libacl does not have it, we'd have to stick in Gnulib probably.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]