On Tue, 2003-11-18 at 11:30, Christopher Sawtell wrote:

> > The extension of this is ACLs - I've used ACL-based systems extensively
> > in the past, and without a decent management system,
>
> Can you recommend one?

Nope. :-)
I was hacking on VMS. Some aspects were deeply satisfying (like privilege-escalation attacks ... VMS had an excessive number of privileges for a user ...) but others were a little clunky (DCL, the command scripting language ... and the COBOL-ish "program switches as full words only" habits). You could specify ACLs on files, but they felt very added-on-later - IIRC the standard directory lister didn't show them to you. You had to remember to query each file to find out what the ACL for it was (It's possible that I'm mis-remembering, or simply didn't know the right commands). It was easy to declare unusable combinations for a file.

> > > they become very
> > difficult to manage. Groups are clunky compared to ACLs, but generally
> > adequate.
>
> Note that the database systems offer fine control over access to the internal
> tables.

Is that "fine control" as in "fine-grained control", or "excellent control"?

IMO, it's having two separate schemes for permission information that leads to problems. If you're using ACLs, have by default ACL groups that match the traditional unix permission categories, and hack 'ls' so that it presents these permissions - or use ACLs, and set the unix permissions to something "impossible", like 0000 ... thus reminding you to refer to ACLs instead ...

-jim
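
The "two schemes" point above is exactly what POSIX.1e ACLs (Linux, FreeBSD) settle by making the mode bits views onto ACL entries: the u and o triplets are ACL_USER_OBJ and ACL_OTHER, and once named entries exist the g triplet is the ACL_MASK, not the owning group's permissions. The model below is an added example written for this page, not code from the thread or from any ACL implementation; the uids, gids and file are constructed sample values. It goes beyond the post in one respect worth knowing before trying the "impossible mode" trick: because chmod rewrites the mask on an ACL-bearing file, chmod 000 silently neutralises every named user and group entry, so the ACL still lists them but nobody gets access through them.

```python
"""Toy model of POSIX.1e ACL evaluation, added as an example for this thread.
Not code from the original post; uids, gids and the file are constructed."""
from dataclasses import dataclass, field
from typing import Optional

R, W, X = 4, 2, 1  # permission bits, same encoding as one chmod octal digit


@dataclass
class Acl:
    owner_uid: int
    owner_gid: int
    user_obj: int                                # ACL_USER_OBJ: the "u" mode bits
    group_obj: int                               # ACL_GROUP_OBJ: owning group's entry
    other: int                                   # ACL_OTHER: the "o" mode bits
    users: dict = field(default_factory=dict)    # ACL_USER entries, uid -> perms
    groups: dict = field(default_factory=dict)   # ACL_GROUP entries, gid -> perms
    mask: Optional[int] = None                   # ACL_MASK, present with named entries

    def extended(self) -> bool:
        return bool(self.users or self.groups)


def set_named_user(acl: Acl, uid: int, perms: int) -> None:
    """Models `setfacl -m u:<uid>:<perms>`: add the entry and, as setfacl does
    by default, recompute the mask as the union of the group-class entries."""
    acl.users[uid] = perms
    acl.mask = acl.group_obj
    for p in list(acl.users.values()) + list(acl.groups.values()):
        acl.mask |= p


def mode_bits(acl: Acl) -> int:
    """The mode `ls -l` shows: with named entries the g triplet is the MASK,
    not the owning group's real permissions (hence the trailing '+' in ls)."""
    grp = acl.mask if acl.extended() else acl.group_obj
    return (acl.user_obj << 6) | (grp << 3) | acl.other


def chmod(acl: Acl, mode: int) -> None:
    """chmod on an ACL-bearing file: u and o bits map to ACL_USER_OBJ and
    ACL_OTHER, but the g bits rewrite ACL_MASK once the ACL is extended."""
    acl.user_obj = (mode >> 6) & 7
    acl.other = mode & 7
    if acl.extended():
        acl.mask = (mode >> 3) & 7
    else:
        acl.group_obj = (mode >> 3) & 7


def check_access(acl: Acl, uid: int, gids: set, want: int) -> bool:
    """POSIX.1e access check: owner, then named user, then any matching group
    entry, then other. Named-user and all group entries are ANDed with the mask."""
    mask = acl.mask if acl.extended() else 7
    if uid == acl.owner_uid:
        return acl.user_obj & want == want
    if uid in acl.users:
        return acl.users[uid] & mask & want == want
    group_matched = False
    for gid in gids:
        if gid == acl.owner_gid:
            group_matched = True
            if acl.group_obj & mask & want == want:
                return True
        if gid in acl.groups:
            group_matched = True
            if acl.groups[gid] & mask & want == want:
                return True
    if group_matched:
        return False        # a group entry matched but none granted: deny, skip "other"
    return acl.other & want == want


def demo() -> dict:
    """Constructed scenario: file owned by uid 1000 / gid 50, mode 0640, then a
    named rw entry for uid 1001, then the 'impossible mode' chmod 000."""
    acl = Acl(owner_uid=1000, owner_gid=50, user_obj=R | W, group_obj=R, other=0)
    set_named_user(acl, 1001, R | W)                 # setfacl -m u:1001:rw
    before = {
        "mode": oct(mode_bits(acl)),                 # mask (rw) now shows as g bits
        "named_user_write": check_access(acl, 1001, {100}, W),
        "owning_group_read": check_access(acl, 1002, {50}, R),
    }
    chmod(acl, 0o000)                                # mask becomes 000
    after = {
        "mode": oct(mode_bits(acl)),
        "named_user_write": check_access(acl, 1001, {100}, W),   # entry still listed, masked out
        "owning_group_read": check_access(acl, 1002, {50}, R),
    }
    return {"before": before, "after": after}


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the mode reported as 0o660 after the named entry is added (the g triplet is the mask), and after chmod 000 both the named user and the owning group lose access even though their entries are unchanged. On a real system `getfacl` marks this with `#effective:---` lines; the safer way to get the "refer to the ACL" effect the post wants is to leave the mask alone and rely on `ls -l`'s `+` marker, or to re-run `setfacl -m m::rw` after any chmod.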
