vda wrote:
> > Perhaps we should not distinguish between read and execute on programs
> > either? After all, they're not much different, are they?
This was intended to be sarcastic :o)
> Yes, we can. In fact, NT lives with it with no problem. It is very common
> in NT to have rx on all readable files regardless of their 'executability'.
> If someone have 'r' perms, he can make a copy of a file, flag it with x and
> execute.
In theory one can do just that on Un*x systems too. That's why setid
bits can't be set by just anybody.
What if the program is setuid and executable by a group but not other?
We do this with "su" on servers.
Now, ACLs I want to see widely supported on Linux, and *used* properly
too. They've been little used in most environments I've seen even on
systems that do support them, which is a shame as they are a necessary
and useful idea. Yes, the Un*x permissions system does have some
limitations, but let's not break *all* the existing software and OSs
that use them, since what you're suggesting will not improve things.
> versions of it). It's too late. I've made patch for chmod which adds new +R
> flag to that effect.
Why is that needed anyway? By default directories get execute bit set
when they're created, at least in my environment; if you're extending
permissions you can use "go=u" or "o=g" to broaden the permissions, as
I would expect the existing perms to be correct on files vs directories
in most cases.
> --
> vda
--
/* Bill Crawford, Unix Systems Developer, Ebone (formerly GTS Netcom) */
#include <stddiscl>
const char *addresses[] = {
"[email protected]", "[email protected]", // work
"[email protected]", "[email protected]" // home
};