Gilad Ben-Yossef <[EMAIL PROTECTED]> writes: > IMHO this is the real problem with ACLs - they give you the ability > to define a security policy with very fine resolution. But guess - > what? it doesn't help you one bit understand what that security policy > should be. In a sense, having more options causes more confusion and > margin error then solve real problems.
I certainly agree. UNIX is often criticized for its "simplistic" permissions model. However, I feel that it's a strength, not a weakness. ACLs tend to lead to a lot of complexity which is not needed in (100-epsilon) per cent of the time, where epsilon is *really* small. -- Oleg Goldshmidt | [EMAIL PROTECTED] ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
