vda wrote:
> Hmm. I thought proper group management can let you live with std UNIX
> file permissions model... NT ACLs are horrendously complex.
> "Make it as simple as possible, but not simpler"
You can, but there are situations where you end up with a combinatorial
explosion of groups to accommodate a matrix of possible permissions on
things. And there is another significantly limiting factor which is the
restriction on the number of groups a process can belong to (currently
32 I believe).
I think ACLs are a good solution to the problem, and indeed are what
*should* have been done originally ... however I suspect that would have
added a significant overhead to the original UNIX, and one of the great
benefits at the time was that UNIX was designed to run on pretty low-end
hardware. VMS was a heavyweight beast on VAXen, did it ever run on PDP
machines? There was a complex system :o)
I'm thinking of Solaris' ACLs rather than NT, I don't know much about
the latter so I can't really comment on them.
> It is legitimate to do that. Do I really have to explain?
No, I know what you're trying to do. I have done it myself many times.
Why some sources come packed so they're only readable by root is beyond
me :o)
> I have a script which is designed to sweep entire tree starting from /
> and do some sanity checks. For example, it Opens Source:
>
> chmod -R -c a+R /usr/src
>
> 8-)
OK, point conceded, although I can live with two passes for that sort
of thing. Yours is a neat solution in fact.
> --
> vda
--
/* Bill Crawford, Unix Systems Developer, Ebone (formerly GTS Netcom) */
#include <stddiscl>
const char *addresses[] = {
"[email protected]", "[email protected]", // work
"[email protected]", "[email protected]" // home
};