Hello Miguel,
I don't understand two thinks :
1.
When you say that "the first inherited is always the last processed", do
you mean that Slide processes inheritable ACE on /b, then inheritable
ACE on /a ... ?
2.
Why ACEs on a resource are not enougth to grant or deny a permission
(cf. my problem on /files/partage/demoEsup) ?
bonus. :-)
How can we know exactly what ACEs to put to grant or deny a permission
(how Slide processes permissions exactly ?)
Thank you.
Thomas
Miguel Figueiredo wrote:
Hello Thomas,
Inherited ACEs are always resolved last. For example, take the following
path:
/slide/file/a/b/c.txt
Slide first checks for c.txt ACEs, then b/ ACEs, then a/ until slide/
collection's ACEs. Means that inherited ACEs are always processed last, and
the first inherited is always the last processed.
Hope this helps,
Miguel Figueiredo
-----Original Message-----
From: Thomas Bellembois [mailto:[EMAIL PROTECTED]
Sent: segunda-feira, 27 de Junho de 2005 15:35
To: Slide Developers Mailing List
Subject: ACL evaluation
Hello,
I have a problem trying to put permission on one resource.
I have understood that ACL's are evaluated from the top to the bottom.
But what about inherited ACL's ? Are they evaluated first ?
I could not find this information neither in the RFC or in the mailing
list. :-(
My problem is that I have the following permissions :
/files/partage : deny all all inheritable
/files/partage/demoEsup : grant read /users/demoEsup inheritable, grant
write /users/demoEsup inheritable
And the user demoEsup can not read or write in the folder
/files/partage/demoEsup.
But if I change the permission on /files/partage into :
/files/partage : deny write all inheritable
it works...
Any idea ?
Thank you very much
Thomas
--
+---=( Thomas Bellembois )=---+
| CRI - University of Rennes 1 - FR |
| [EMAIL PROTECTED] |
| +33 2 23 23 69 60 |
+-----------------------------------+
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
