On 4/26/07, Ricardo Nabinger Sanchez <[EMAIL PROTECTED]> wrote: > On Wed, 25 Apr 2007 20:02:11 -0700 > > But adding groups per-user is almost what you get by using ACLs. >
True. > > Like you, I tend to think about large system, often much larger than > practically acceptable, and also very heterogeneous (very means not only > Gobo, and even not only Linux). > > Even so, I still don't see a point to have per-user groups, instead of > well-defined (and fine-grained) groups, like cdrom, video, mount, sudo (or > wheel), and so on. My list hardly goes over 30 groups. > > Isn't it possible to the 2 options co-exist? It may be harder, but I think > it's worth it. > Those are orthogonal issues. per-user groups allow "friends of mine" sharing between subsets of all users. This is NOT administrative policy but choices that each user can make. "well-defined groups" sets admin policy, for how sets of users can access the system. There was a thread about the udev recipe on whether to unify cdrom,video,audio into a single console group (sorry, don't remember the outcome). That and this are really the same issue. Fine grained control vs simplicity. As a distro we need to choose a path and follow it. -- Carlo J. Calica _______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
