Announcement

Collapse
No announcement yet.

More Features Begin Lining Up For Fedora 36

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by jacob View Post
    Linux ACLs don't handle that at all (even though the kernel knows of such types of permissions and they can be used for example in apparmor)
    i.e. actually linux can do what you want, it's just called apparmor?

    Comment


    • #42
      Originally posted by pal666 View Post
      i.e. actually linux can do what you want, it's just called apparmor?
      Nope. Apparmor is MAC, ACLs are DAC.

      Comment


      • #43
        Originally posted by MadeUpName View Post

        There is nothing wrong with the model or the file systems. The issues is user inertia and the tools to use the ACLs. ACLs are more friendly to use in a GUI.
        It is wrong. Some of the reasons (there are probably many more):
        • Apps almost never take ACLs into account. Instead whenever they need to change permissions they always use chmod(2) which, if they touch the group bits, means that they effectively disable ACLs due to the broken semantics. Libvirt is a particularly annoying example of this.
        • There is no delete permission, even with ACLs deleting a file is handled by the write permission to the containing folder. This is unbelievably idiotic (being able to create a file = same thing as being able to delete somebody else's file, wtf)
        • There is no append permission, only an attribute bit which is separate from the permissions. So you can't say that users A and B can modify a file and users C and D can only append to it
        • There is no inheritance: you can't say group X has the same rights as group Y plus the following...
        • As I already mentioned, the ACLs are only usable with files, all other kernel objects only allow rwx

        Comment


        • #44
          Originally posted by jacob View Post

          It is wrong. Some of the reasons (there are probably many more):
          • Apps almost never take ACLs into account. Instead whenever they need to change permissions they always use chmod(2) which, if they touch the group bits, means that they effectively disable ACLs due to the broken semantics. Libvirt is a particularly annoying example of this.
          • There is no delete permission, even with ACLs deleting a file is handled by the write permission to the containing folder. This is unbelievably idiotic (being able to create a file = same thing as being able to delete somebody else's file, wtf)
          • There is no append permission, only an attribute bit which is separate from the permissions. So you can't say that users A and B can modify a file and users C and D can only append to it
          • There is no inheritance: you can't say group X has the same rights as group Y plus the following...
          • As I already mentioned, the ACLs are only usable with files, all other kernel objects only allow rwx
          ACLs exist and they work. You are conflating ACLs with POSIX permissions to build a strawman argument.

          I will bite on your last argument but I will point out that ACLs apply to directories as well. Now please provide us an example of a kernel object that needs ACLs that doesn't have them.

          Comment


          • #45
            Originally posted by MadeUpName View Post

            ACLs exist and they work. You are conflating ACLs with POSIX permissions to build a strawman argument.
            I just listed a number of reasons why the existing ACL support in Linux (not ACLs in general) is substandard in my view, no strawman here,

            Originally posted by MadeUpName View Post
            I will bite on your last argument but I will point out that ACLs apply to directories as well. Now please provide us an example of a kernel object that needs ACLs that doesn't have them.
            ACLs would be very useful for example for shared mem, eventfds, or local (AF_UNIX) sockets.

            Comment


            • #46
              Originally posted by jacob View Post

              Why does it matter?
              Because they are the canonical paths

              Comment

              Working...
              X