First just a short reminder to everybody: Linux is Free (and *BSD as well) -- Itches will be scratched, eventually Window, BeOS, .... are not -- wait for some benevolent vendor to scratch you itches
And now to more interesting technical issue: On Tue, 03 Jun 2003 07:28:17 +0300 Shachar Shemesh <[EMAIL PROTECTED]> wrote: > For those reasons I am, personally, against adding ACL support to > Linux. Shame on me, for I am opposing B based on my experience with > A, while I have not looked at B. That's why I'm mostly silent about > this. Actually, it's a very good point. The ACL model sucks because it tries to protect individually each and every file on the system (modern ACL schemes mitigate this problem by providing ACL "inheritance"). If you think how many files you have in a typical system (not to mention servers), it's obviously beyond human capacity to manage them *individually* That's where the capabilities model excels: Specify what a program or a procees may do instead of specifying what may be done to a file. Although this looks like the other side of the same coin, there is huge difference in the magnitude of the problem -- how many programs/processes a sys-admin have to manage? -- Oron Peled Voice/Fax: +972-4-8228492 [EMAIL PROTECTED] http://www.actcom.co.il/~oron "Those who do not understand Unix are condemned to reinvent it, poorly." (H. Spencer) ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]