ACLs are not "common knowledge" -- Apple probably uses them more than any other vendor.
While ACLs (Access Control Lists) provide much finer-grained security than the old User/Group/Other (or Owner/Group/World depending on your background) technique, they take a great deal more THOUGHT and UNDERSTANDING to use effectively -- and to troubleshoot. In the name of "user friendly" vendors have opted to avoid all the RTFM necessary for effective ACL usage. Consequently, so many things are simply "wide open" and not secure. I have no statistics, but when I retired back in 2003, almost nobody used ACLs even though they had been around for several years. Looking at the ACL man page, it appears that BSD included them in 2002. . . . and just doing some quick googles, it appears that posix.1e is "still" in "draft" form (since 2000), but that is a whole different issue. :) > On Feb 13, 2015, at 12:43 PM, Murray Eisenberg <[email protected]> > wrote: > > (I find it strange that while searching on-line for how to use a non-default > location for the mysql datadir, none of them mentioned such ACL manipulation > (all they described was giving _mysql ownership of the new datadir). T.T.F.N. William H. Magill # iMac11,3 Core i7 [2.93GHz - 8 GB 1067MHz] OS X 10.10.2 # Macmini6,1 Intel Core i5 [2.5 Ghz - 4GB 1600MHz] OS X 10.10.2 [email protected] [email protected] [email protected] _______________________________________________ macports-users mailing list [email protected] https://lists.macosforge.org/mailman/listinfo/macports-users
