> ...the hurd changes this somewhat to for non-logined > users, by adding a new 4th rule somewhere, perhaps (not sure) like > this: > > 1. no userid => access=--- > 2. userid==bam => access=rwx > 3. groupid==users => access=rw- > 4. default => access=r-- > > ACLs will allow you to setup different rules for each file, without > being fixed to any given structure. > > So, for instance, if I wanted to let a friend access a copy of > my file, I could gives rules like: > > 1. userid==bam => access=rwx > 2. userid==friend1 => access=rwx > 3. userid==friend2 => access=r-x > 4. default => access=r-- > > (you could argue that these rules are a bit stupid, ie denying world > execute permission, but allowing friend2 to execute. Still, this > might be useful for SetUid programs).
Can you create as few or as many of these rules as you like? Also, it looks like there are no group IDs.
