rwx in ACLs (was Re: extattr in-kernel interface)

[Ilmar S. Habibulin]

On Tue, 18 Apr 2000 jont at us.ibm.com wrote:

> A common theme of the ideas I want to borrow from WinNT's ACL model
> is to reduce the powers of god (or a PMT suffering BOFH :-).
You think that NT doesn't have some god-powered user?

> | IMHO, take ownship suxx. I can't imagine the data processing model,
> | which will require such a strange permition. It maybe a capability,
> | but not an ACL permition.
> Many early versions of chown were not restricted to root.
> This provided an excellent attack on the quota system. I never, ..., honest
> :-)
> The solution was like using an axe not a chisel:
>   rather than make it secure they removed it from normal use.

> So the questions become:
> a) do we want a secure transfer of ownership ?
> b) is there a better way than take-owner ?
Should we or anybody else use the transfer of the ownership? If you want
to own some file - make a copy of it, for ex. Another example is if you
are owning some directory and controling access to it, you have to
transfer your ownership to some other person, who would now control this
directory. But why should you transfer your ownership? Maybe your boss
told you to do that? Then he would told some higher level admin to change
ownerships/permitions i think. Maybe i'm wrong.

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message