> we give the right to add folder to user foo. (This
> user cannot delete anything as a default.) After that
> we give the right to create file. And then user foo gains
> delete everything. How come is it possible?
> Even though we add another rule like
> "0:user:foo:delete_child/delete:deny", again it does
> not work. Why? Please, somebody answer this strange
> situation.

I can't find any response to this query from last August. I can confirm that on a Solaris 10 U3 fully patched server the 'delete_child' ACL is being ignored in ZFS. Deletion is only controlled by the 'add_file' ACL. I'm fairly certain that this is in violation of the NFSv4 spec, which ZFS claims to implement.

The "sticky bit" on a directory is also not reflected in the ACLs output by 'ls -dv', although it appears to work as usual. I have a nasty suspicion that this is related.

-- Carson