[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] POSIX ACL support

From: Achim Gratz
Subject: Re: [PATCH] POSIX ACL support
Date: Wed, 21 Nov 2012 20:52:08 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.2.50 (gnu/linux)

Eli Zaretskii writes:
> True.  But I think this is unlikely to be a problem when _copying_ a
> file, because the copy is created by you, so you get full access by
> default, and that includes the "write DAC" (a.k.a. "change ACL")
> privilege.  However, it _can_ happen that after copying the ACL from
> the original, you no longer can change the access rights, if that
> privilege was denied in the original.  Which is okay, I think.

Well, talk to our corporate IT department then which happens to think
that it is a sensible thing to not let you do this and in addition don't
let you even look at the existing ACL (which means I can't be sure how
they accomplished that, but I believe it's some inheritable property
that makes all files, including new ones, owned by a service account).

As I said, I'm almost certain you could achieve something similar with
SElinux policies, but then I haven't tried it yet.

+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Wavetables for the Terratec KOMPLEXER:

reply via email to

[Prev in Thread] Current Thread [Next in Thread]