Rich Freeman on 3 Feb 2012 13:25:16 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Subtlety of the user, group, world permission model

On Fri, Feb 3, 2012 at 4:02 PM, Austin Murphy <> wrote:
> Summary: File permissions, the most basic form of security control
> that exists on Unix-like systems, is still misunderstood by many.

And that is without getting into ACLs, POSIX capabilities, or various
MAC/RBAC strategies like SELinux or grsecurity...

I've always thought that unix file modes were a sledgehammer approach
to security.  Then again, anytime at work I've had to mess with large
fileshares where people have tried to implement ACLs it turns into
such an unholy mess that perhaps simple really is better.

POSIX capabilities are one thing that are easy to use and do have
serious security benefits so that is something I'd like to see become
a lot more popular.  That is a bit more of a distro item than an
administration item.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --