On Sat, Jun 9, 2018 at 4:31 PM Wol's lists <antli...@youngman.org.uk> wrote: > > On 09/06/18 18:09, Rich Freeman wrote: > > I feel like this is something that Windows natively gets "better" than > > POSIX. They have a concept of UIDs being specific to a machine or > > authentication server (or domain as they call it), and this concept is > > enforced at the host level. That said, I'm sure this approach has its > > downsides as well, in particular it is certainly more complex and at > > work we practically forbid any kind of windows ACLs at anything other > > than the top mount level because it is so hard to control. > > Windows is better than POSIX?! That doesn't say much for POSIX then, > seeing as I feel Windows ACLs are overly complex and difficult!
I wasn't talking about the ACLs (in fact I pointed out the issues with those). I was talking about the UIDs, which in windows are made of two components so that users on one domain can have access to resources on another domain, without having to replicate the UID databases. -- Rich
